VYPR
Unrated severityNVD Advisory· Published Mar 29, 2023· Updated Feb 18, 2025

Authentication bypass in UniRPC's udadmin service

CVE-2023-28503

Description

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from an authentication bypass vulnerability, where a special username with a deterministic password can be leveraged to bypass authentication checks and execute OS commands as the root user.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Rocketsoftware/UniDatallm-fuzzy2 versions
    <8.2.4 build 3003+ 1 more
    • (no CPE)range: <8.2.4 build 3003
    • (no CPE)range: 0
  • Ncsoft/Universellm-fuzzy
    Range: <11.3.5 build 1001, <12.2.1 build 2002
  • Rocket Software/UniVersev5
    Range: 0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.