CVE-2023-36857

Опубликовано: 19 окт. 2023

Источник: nvd

CVSS3: 5.4

CVSS3: 6.5

EPSS Низкий

Описание

Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05

contains a replay vulnerability which could allow an attacker to

replay older captured packets of traffic to the device to gain access.

Ссылки

https://www.cisa.gov/news-events/ics-advisories/icsa-23-269-05
Third Party Advisory
US Government Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-269-05
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:bakerhughes:bentley_nevada_3500_system_firmware:5.0.5:*:*:*:*:*:*:*

cpe:2.3:h:bakerhughes:bentley_nevada_3500_system:-:*:*:*:*:*:*:*

EPSS

Процентиль: 19%

0.00062

Низкий

5.4 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-294

Связанные уязвимости

GHSA-p42g-23f7-4prj

CVSS3: 5.4

github

больше 2 лет назад

Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a replay vulnerability which could allow an attacker to replay older captured packets of traffic to the device to gain access.

EPSS

Процентиль: 19%

0.00062

Низкий

5.4 Medium

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-294