CNNVD-202506-2987 Information

Jun 23, 2025 cve

CNNVD ID

CNNVD-202506-2987

CVE-2023-47030

CNNVD Published: 2025-06-23

Description (Chinese)

NCR Atleos Terminal Handler是NCR Atleos公司的一款 ATM 企业软件解决方案，可降低成本、提高业务敏捷性并提高您的竞争优势。 NCR Atleos Terminal Handler 1.5.1版本存在安全漏洞，该漏洞源于UserService SOAP API端点对GET请求处理不当，可能导致执行任意代码和获取敏感信息。

Description (English)

NCR Atleos Terminal Handler is an ATM enterprise software solution for NCR Atleos that reduces costs, improves business agility and enhances your competitive advantage. NCR Atleos Terminal Handler version 1.5.1 contains a security loophole stemming from the inappropriate handling of GET requests by the UserService SOAP API endpoint, which may lead to the enforcement of arbitrary codes and access to sensitive information.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Ncvav

Published

2025-06-23

Last Modified

2026-02-24

References

https://drive.google.com/file/d/1ujUcB8XEs78WwWzs8cmD-u1Twqi10yEh/view?usp=sharing https://github.com/pwahba/cve-research/blob/main/CVE-2023-47030/CVE-2023-47030.md https://access.redhat.com/security/cve/cve-2023-47030

Share on: