CNNVD-202506-2948 Information

Jun 23, 2025 cve

CNNVD ID

CNNVD-202506-2948

CVE-2023-47298

  • CNNVD Published: 2025-06-23

Description (Chinese)

NCR Atleos Terminal Handler是NCR Atleos公司的一款 ATM 企业软件解决方案,可降低成本、提高业务敏捷性并提高您的竞争优势。 NCR Atleos Terminal Handler 1.5.1版本存在安全漏洞,该漏洞源于SOAP API端点授权不当,可能导致获取用户敏感信息。

Description (English)

NCR Atleos Terminal Handler is an ATM enterprise software solution for NCR Atleos that reduces costs, improves business agility and enhances your competitive advantage. NCR Atleos Terminal Handler version 1.5.1 contains a security loophole, which stems from the inappropriate authorization of SOAP API endpoints and may lead to access to user-sensitive information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Ncvav

Published

2025-06-23

Last Modified

2026-02-24

References

https://drive.google.com/file/d/1-BDd0ycuYhuxo-lg4th-Cswimoqqzkot/view?usp=sharing https://github.com/pwahba/cve-research/blob/main/CVE-2023-47298/CVE-2023-47298.md https://access.redhat.com/security/cve/cve-2023-47298

Share on: