← Back to CVE List

CVE-2023-47315

Published: 2023-11-22T17:15Z
Last Modified: 2024-11-21T08:30Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to a hard-coded JWT Secret. The secret is hardcoded into the source code available to anyone on Git Hub. This secret is used to sign the application’s JWT token and verify the incoming user-supplied tokens. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt