CRITICAL🇵🇱 Wersja polska

CVE-2023-6153

CVSS 9.8v3.1pub. 2024-03-27upd. 2026-05-20

Authentication Bypass by Primary Weakness vulnerability in TeoSOFT Software TeoBASE allows Authentication Bypass. This issue affects TeoBASE: through 20240327. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

🤖 AI Analysis
How it works

The vulnerability classified as CWE-305 (Authentication Bypass by Primary Weakness) consists of the ability to bypass the main authentication mechanism in the TeoBASE application. An attacker can remotely, without any privileges and without user interaction, bypass identity verification and gain unauthorized access to the system. The manufacturer, despite previous contact from researchers, did not respond to the report, which means there is no official statement or patch from TeoSOFT.

Impact

An attacker can gain full unauthorized access to the system — violating the confidentiality, integrity and availability of data — without the need to possess any access credentials.

Mitigation & patch

Patches available from the manufacturer should be applied according to references. Due to the manufacturer's lack of response to the vulnerability report, it is recommended to contact TeoSOFT to obtain information about available updates and to consider implementing additional access controls (e.g., restricting network access to the application through a firewall) until an official patch is released.

Who is affected

TeoSOFT Software TeoBASE in all versions up to and including 2024-03-27.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References