Critical severity9.1NVD Advisory· Published Dec 12, 2023· Updated Jun 17, 2026
CVE-2023-36649
CVE-2023-36649
Description
Insertion of sensitive information in the centralized (Grafana) logging system in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate other users in web management and the REST API by reading JWT tokens from logs (as a Granafa authenticated user) or from the Loki REST API without authentication.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ProLion/CryptoSpikedescription
- Range: =3.0.15P2
Patches
Vulnerability mechanics
References
1- www.cvcn.gov.it/cvcn/cve/CVE-2023-36649nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.