exploitDog

CVE-2023-25913

Опубликовано: 21 авг. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Because of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive information.

Ссылки

https://csirt.divd.nl/CVE-2023-25913
Third Party Advisory
https://csirt.divd.nl/DIVD-2023-00025
Third Party Advisory
https://csirt.divd.nl/CVE-2023-25913
Third Party Advisory
https://csirt.divd.nl/DIVD-2023-00025
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:danfoss:ak-sm_800a_firmware:*:*:*:*:*:*:*:*

Версия до 3.3 (включая)

cpe:2.3:h:danfoss:ak-sm_800a:-:*:*:*:*:*:*:*

EPSS

Процентиль: 24%

0.00083

Низкий

7.5 High

CVSS3

Дефекты

CWE-200

CWE-287

Связанные уязвимости

GHSA-h6fm-wmvq-ppw8

CVSS3: 7.7

github

больше 2 лет назад

Because of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive information.

EPSS

Процентиль: 24%

0.00083

Низкий

7.5 High

CVSS3

Дефекты

CWE-200

CWE-287