CVE-2023-29975
First published: Thu Nov 09 2023(Updated: )
An issue discovered in Pfsense CE version 2.6.0 allows attackers to change the password of any user without verification.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| pfSense pfSense | =2.6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2023-29975.
What is the severity of CVE-2023-29975?
The severity of CVE-2023-29975 is high with a severity value of 7.2.
What is the affected software version of CVE-2023-29975?
The affected software version of CVE-2023-29975 is Pfsense CE version 2.6.0.
How can attackers exploit CVE-2023-29975?
Attackers can exploit CVE-2023-29975 by changing the password of any user without verification.
Is there a reference link for CVE-2023-29975?
Yes, you can find more information about CVE-2023-29975 at https://www.esecforte.com/cve-2023-29975-unverified-password-changed/
- collector/nvd-api
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/weakness
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/pfsense
- canonical/pfsense pfsense
- version/pfsense pfsense/2.6.0