COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2023-48365

CVE-2023-48365

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2025-01-13
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-48365
⌖ exploited in the wild shame 80/100 ransomwareexploited-in-wild

Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.

Players implicated

Qlik Technologies Inc. · vendorSense · product

Description

Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.