exploitDog

CVE-2023-31048

Опубликовано: 12 дек. 2023

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

The OPC UA .NET Standard Reference Server before 1.4.371.86. places sensitive information into an error message that may be seen remotely.

Ссылки

https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-31048.pdf
Vendor Advisory
https://github.com/OPCFoundation/UA-.NETStandard/releases
Release Notes
https://github.com/OPCFoundation/UA-.NETStandard/releases/tag/1.4.371.86
Release Notes
https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-31048.pdf
Vendor Advisory
https://github.com/OPCFoundation/UA-.NETStandard/releases
Release Notes
https://github.com/OPCFoundation/UA-.NETStandard/releases/tag/1.4.371.86
Release Notes

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opcfoundation:ua-.netstandard:*:*:*:*:*:*:*:*

Версия до 1.4.371.86 (исключая)

EPSS

Процентиль: 61%

0.00407

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-209

CWE-209

Связанные уязвимости

GHSA-4cvp-hr63-822j

CVSS3: 5.3

github

почти 3 года назад

Exposure of Sensitive Information in OPC UA .NET Standard Reference Server

EPSS

Процентиль: 61%

0.00407

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-209

CWE-209