← Back

CVE-2023-47370

nvd nist
Published: Nov 9, 2023Modified: Nov 21, 2024

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Exploitability: 3.9 / Impact: 2.5
Source: NVD

Description

The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send malicious notifications to victims.

Affected (1)

Products: Linecorp: Line
Linecorp
1 product
Line
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Line
Version 13.6.1

Related CWEs

CWE-326
Inadequate Encryption Strength
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

References (2)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory

Timeline

No history available yet.