Sensitive Data Disclosure Vulnerability 

(CVE-2023-40058)

Summary

Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment.

Affected Products

  • Access Rights Manager (ARM) 2023.2.1 and previous versions

Fixed Software Release

Acknowledgments

  • Anonymous working with Trend Micro Zero Day Initiative

Advisory Details

Severity

7.6 High

Advisory ID

First Published

12/20/2023

Last Updated

12/20/2023