CVE-2023-24476 Information

Description

An attacker with local access to the machine could record the traffic which could allow them to resend requests without the server authenticating that the user or session are valid.

Reference

https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-13