Medium severity5.3NVD Advisory· Published Aug 1, 2023· Updated Jun 17, 2026
CVE-2023-38357
CVE-2023-38357
Description
Session tokens in RWS WorldServer 11.7.3 and earlier have a low entropy and can be enumerated, leading to unauthorized access to user sessions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- RWS/WorldServerdescription
- Range: <=11.7.3
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/173609/RWS-WorldServer-11.7.3-Session-Token-Enumeration.htmlnvdExploitThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2023/Jul/30nvdExploitMailing ListThird Party Advisory
- www.redteam-pentesting.de/en/advisories/rt-sa-2023-001/-session-token-enumeration-in-rws-worldservernvdThird Party Advisory
News mentions
0No linked articles in our index yet.