CVE-2023-31445 Information

Description

Cassia Access controller before 2.1.1.2203171453 was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses phone numbers and privileges of all other users.

Reference

https://github.com/Dodge-MPTC/CVE-2023-31445-Unprivileged-Information-Disclosure https://www.cassianetworks.com