Security Advisory

CVE-2023-47315

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-22 00:00:00

Last updated 2024-08-02 21:09:36

Assigner mitre

State PUBLISHED

Description

Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to a hard-coded JWT Secret. The secret is hardcoded into the source code available to anyone on Git Hub. This secret is used to sign the application’s JWT token and verify the incoming user-supplied tokens.

← Browse all CVEs View on cve.org ↗