CVE-2023-47294 | THREATINT

Description

An issue in NCR Terminal Handler v1.5.1 allows low-level privileged authenticated attackers to arbitrarily deactivate, lock, and delete user accounts via a crafted session cookie.

PUBLISHED Reserved 2023-11-06 | Published 2025-06-23 | Updated 2025-06-26 | Assigner mitre

References

drive.google.com/...oCb34Mb7nCYZNrjW8cFxpzN/view?usp=sharing

github.com/...rch/blob/main/CVE-2023-47294/CVE-2023-47294.md

cve.org (CVE-2023-47294)

nvd.nist.gov (CVE-2023-47294)

Download JSON