Sensitive Data Disclosure Vulnerability
(CVE-2023-40058)
Summary
Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment.
Affected Products
Access Rights Manager (ARM) 2023.2.1 and previous versions
Fixed Software Release
Acknowledgments
Anonymous working with Trend Micro Zero Day Initiative
Advisory Details
Severity
7.6 High
Advisory ID
First Published
12/20/2023
Last Updated
12/20/2023