CNNVD-202506-2964 Information

CNNVD ID

CNNVD-202506-2964

Related CVE

CVE-2023-47294

• CNNVD Published: 2025-06-23

Description (Chinese)

NCR Atleos Terminal Handler是NCR Atleos公司的一款 ATM 企业软件解决方案，可降低成本、提高业务敏捷性并提高您的竞争优势。 NCR Atleos Terminal Handler 1.5.1版本存在安全漏洞，该漏洞源于会话cookie验证不足，可能导致任意账户操作。

Description (English)

NCR Atleos Terminal Handler is an ATM enterprise software solution for NCR Atleos that reduces costs, improves business agility and enhances your competitive advantage. NCR Atleos Terminal Handler 1.5.1 has a security loophole, which stems from inadequate validation of session cookies and may lead to any account operation.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Ncvav

Published

2025-06-23

Last Modified

2026-02-24

References

https://github.com/pwahba/cve-research/blob/main/CVE-2023-47294/CVE-2023-47294.md https://drive.google.com/file/d/1owG3_2oVpoCb34Mb7nCYZNrjW8cFxpzN/view?usp=sharing https://access.redhat.com/security/cve/cve-2023-47294