01642 06 11 11 Arrange Call

AlayaCare's Procura Portal 9.0.1.2 Vulnerability: Authentication Cookie Forgery

CVE-2023-6451 · HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CVE-2023-6451

Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows attackers to forge their own authentication cookies and bypass the application's authentication mechanisms.

Learn more about our Web Application Penetration Testing UK.