exploitDog

CVE-2023-22806

Опубликовано: 15 фев. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

LS ELECTRIC XBC-DN32U with operating system version 01.80 transmits sensitive information in cleartext when communicating over its XGT protocol. This could allow an attacker to gain sensitive information such as user credentials.

Ссылки

https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-02
Third Party Advisory
US Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-23-040-02
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:ls-electric:xbc-dn32u_firmware:01.80:*:*:*:*:*:*:*

cpe:2.3:h:ls-electric:xbc-dn32u:-:*:*:*:*:*:*:*

EPSS

Процентиль: 17%

0.00054

Низкий

7.5 High

CVSS3

Дефекты

CWE-319

Связанные уязвимости

GHSA-8x54-v777-7269

CVSS3: 7.5

github

почти 3 года назад

LS ELECTRIC XBC-DN32U with operating system version 01.80 transmits sensitive information in cleartext when communicating over its XGT protocol. This could allow an attacker to gain sensitive information such as user credentials.

EPSS

Процентиль: 17%

0.00054

Низкий

7.5 High

CVSS3

Дефекты

CWE-319