CVE-2023-4310

CVE-2023-4310

Vendor Beyondtrust
Product Privileged Remote Access (PRA)
Weakness CWE-77
Published September 5, 2023
Last update October 1, 2024

CVSS base score

What the vulnerability does

01Description

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injection vulnerability which can be exploited through a malicious HTTP request. Successful exploitation of this vulnerability can allow an unauthenticated remote attacker to execute underlying operating system commands within the context of the site user. This issue is fixed in version 23.2.3.

Key dates

02Disclosure timeline

September 5, 2023 CVE published
October 1, 2024 Record updated