Critical severity9.8NVD Advisory· Published Dec 6, 2023· Updated Jun 17, 2026
CVE-2023-36655
CVE-2023-36655
Description
The login REST API in ProLion CryptoSpike 3.0.15P2 (when LDAP or Active Directory is used as the users store) allows a remote blocked user to login and obtain an authentication token by specifying a username with different uppercase/lowercase character combination.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ProLion/CryptoSpikedescription
- Range: 3.0.15P2
Patches
Vulnerability mechanics
References
2- www.cvcn.gov.it/cvcn/cve/CVE-2023-36655nvdExploitThird Party Advisory
- prolion.com/cryptospike/nvdProduct
News mentions
0No linked articles in our index yet.