CVE-2023-6554

CVE-2023-6554: Missing authorisation in TCExam

Vendor Tecnick.com
Product TCExam
Weakness CWE-862 · Missing authorization
Published January 11, 2024
Last update June 20, 2025

CVSS base score

What the vulnerability does

01Description

When access to the "admin" folder is not protected by some external authorization mechanisms e.g. Apache Basic Auth, it is possible for any user to download protected information like exam answers.

Key dates

02Disclosure timeline

January 11, 2024 CVE published
June 20, 2025 Record updated

Related vulnerabilities

04Related CVE