NVD

Vulnerability Change Records for CVE-2023-1632

Action	Type	Old Value	New Value
Removed	CVSS V2	VulDB (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Removed	CVSS V3	VulDB AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Removed	CWE	VulDB CWE-285
Removed	CWE Reason	CWE-285 / More specific CWE option available
Changed	Description	DISPUTED A vulnerability has been found in Ellucian Banner Web Tailor 8.6 and classified as critical. This vulnerability affects unknown code of the file /PROD_ar/twbkwbis.P_FirstMenu of the component Login Page. The manipulation of the argument PIDM/WEBID leads to improper authorization. The attack can be initiated remotely. After submitting proper login credentials it becomes possible to generate new valid session identifiers on the OTP page. The real existence of this vulnerability is still doubted at the moment. VDB-224014 is the identifier assigned to this vulnerability.	REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Vendor identified that the vulnerability does not exist within the product, but merely with this particular on premise customer's implementation.
Removed	Reference	https://vuldb.com/?ctiid.224014 [Permissions Required, Third Party Advisory]
Removed	Reference	https://vuldb.com/?id.224014 [Permissions Required, Third Party Advisory]