Unrated severityNVD Advisory· Published Jan 11, 2024· Updated Jun 20, 2025
Missing authorisation in TCExam
CVE-2023-6554
Description
When access to the "admin" folder is not protected by some external authorization mechanisms e.g. Apache Basic Auth, it is possible for any user to download protected information like exam answers.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- cert.pl/en/posts/2024/01/CVE-2023-6554/mitrethird-party-advisory
- cert.pl/posts/2024/01/CVE-2023-6554/mitrethird-party-advisory
- tcexam.orgmitreproduct
News mentions
0No linked articles in our index yet.