Unrated severityNVD Advisory· Published Oct 25, 2023· Updated Oct 15, 2024

Missing Authentication In IDAttend’s IDWeb Application

CVE-2023-26573

Description

Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.052 and earlier allows denial of service or theft of database login credentials.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Missing authentication in IDAttend IDWeb 3.1.052 and earlier allows DoS or theft of database credentials.

Vulnerability

The SetDB method in IDAttend's IDWeb application lacks authentication, present in versions 3.1.052 and earlier [1].

Exploitation

An unauthenticated attacker can call the SetDB method remotely without any credentials. No additional privileges or user interaction are required [1].

Impact

Successful exploitation can lead to denial of service or theft of database login credentials, potentially compromising the database [1].

Mitigation

No fix has been disclosed in the available reference. Users should monitor for vendor updates [1].

References

Missing Authentication In IDAttend’s IDWeb Application

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

IDAttend/IDWebllm-fuzzy
Range: <=3.1.052
IDAttend Pty Ltd/IDWebv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.themissinglink.com.au/security-advisories/cve-2023-26573mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000