Newforma Info Exchange Default Anonymous Authentication Vulnerability

Vulnerability

A vulnerability exists in Newforma Info Exchange (NIX) versions prior to 2023.1, where the default setting allows anonymous authentication. This configuration enables an unauthenticated attacker to take advantage of other vulnerabilities within the application that require authentication.

Impact

Exploitation of this vulnerability could lead to unauthorized access, allowing attackers to exploit additional authenticated vulnerabilities within the application.

Added: Oct 9, 2025, 9:27 PM

Updated: Oct 9, 2025, 9:27 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.7

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Newforma Info Exchange Default Anonymous Authentication Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating