{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T10:40:20.228","vulnerabilities":[{"cve":{"id":"CVE-2023-7240","sourceIdentifier":"security@opentext.com","published":"2024-05-07T13:15:47.973","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":" An improper authorization level has been detected in the login panel. It may lead to\nunauthenticated Server Side Request Forgery and allows to perform open services\nenumeration. Server makes query to provided server (Server IP/DNS field) and is\ntriggering connection to arbitrary address.\n\n"},{"lang":"es","value":"Se ha detectado un nivel de autorización inadecuado en el panel de inicio de sesión. Puede provocar Server Side Request Forgery no autenticadas y permite realizar una enumeración de servicios abiertos. El servidor realiza una consulta al servidor proporcionado (campo IP/DNS del servidor) y activa la conexión a una dirección arbitraria."}],"metrics":{"cvssMetricV31":[{"source":"security@opentext.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security@opentext.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"references":[{"url":"https://www.netiq.com/documentation/identity-console/identity_console1720000_releasenotes/data/identity_console1720000_releasenotes.html","source":"security@opentext.com"},{"url":"https://www.netiq.com/documentation/identity-console/identity_console1720000_releasenotes/data/identity_console1720000_releasenotes.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}