8.8 - CVE-2023-41966

Executive Summary

Informations
Name	CVE-2023-41966	First vendor Publication	2023-10-26
Vendor	Cve	Last vendor Modification	2023-11-07

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score	8.8
Base Score	8.8	Environmental Score	8.8
impact SubScore	5.9	Temporal Score	8.8
Exploitabality Sub Score	2.8

Attack Vector	Network	Attack Complexity	Low
Privileges Required	Low	User Interaction	None
Scope	Unchanged	Confidentiality Impact	High
Integrity Impact	High	Availability Impact	High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score	N/A	Attack Range	N/A
Cvss Impact Score	N/A	Attack Complexity	N/A
Cvss Expoit Score	N/A	Authentication	N/A
Calculate full CVSS 2.0 Vectors scores

Detail

The application suffers from a privilege escalation vulnerability. A user with read permissions can elevate privileges by sending a HTTP POST
to set a parameter.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41966

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-269	Improper Privilege Management

CPE : Common Platform Enumeration

Type	Description	Count
Os	Sielco Analog Fm Transmitter Exc1000Gt Firmware cpe:2.3:o:sielco:analog_fm_transmitter_exc1000gt_firmware:-:::::::*	1
Os	Sielco Analog Fm Transmitter Exc1000Gx Firmware cpe:2.3:o:sielco:analog_fm_transmitter_exc1000gx_firmware:-:::::::*	1
Os	Sielco Analog Fm Transmitter Exc100Gt Firmware cpe:2.3:o:sielco:analog_fm_transmitter_exc100gt_firmware:-:::::::*	1
Os	Sielco Analog Fm Transmitter Exc120Gt Firmware cpe:2.3:o:sielco:analog_fm_transmitter_exc120gt_firmware:-:::::::*	1
Os	Sielco Analog Fm Transmitter Exc120Gx Firmware cpe:2.3:o:sielco:analog_fm_transmitter_exc120gx_firmware:-:::::::*	1
Os	Sielco Analog Fm Transmitter Exc1600Gx Firmware cpe:2.3:o:sielco:analog_fm_transmitter_exc1600gx_firmware:-:::::::*	1
Os	Sielco Analog Fm Transmitter Exc2000Gx Firmware cpe:2.3:o:sielco:analog_fm_transmitter_exc2000gx_firmware:-:::::::*	1
Os	Sielco Analog Fm Transmitter Exc3000Gx Firmware cpe:2.3:o:sielco:analog_fm_transmitter_exc3000gx_firmware:-:::::::*	1
Os	Sielco Analog Fm Transmitter Exc300Gt Firmware cpe:2.3:o:sielco:analog_fm_transmitter_exc300gt_firmware:-:::::::*	1
Os	Sielco Analog Fm Transmitter Exc300Gx Firmware cpe:2.3:o:sielco:analog_fm_transmitter_exc300gx_firmware:-:::::::*	1
Os	Sielco Analog Fm Transmitter Exc30Gt Firmware cpe:2.3:o:sielco:analog_fm_transmitter_exc30gt_firmware:-:::::::*	1
Os	Sielco Analog Fm Transmitter Exc5000Gt Firmware cpe:2.3:o:sielco:analog_fm_transmitter_exc5000gt_firmware:-:::::::*	1
Os	Sielco Analog Fm Transmitter Exc5000Gx Firmware cpe:2.3:o:sielco:analog_fm_transmitter_exc5000gx_firmware:-:::::::*	1
Os	Sielco Radio Link Exc19 Firmware cpe:2.3:o:sielco:radio_link_exc19_firmware:-:::::::*	1
Os	Sielco Radio Link Rtx19 Firmware cpe:2.3:o:sielco:radio_link_rtx19_firmware:-:::::::*	1

Sources (Detail)

Source	Url
MISC	https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-08 https://www.sielco.org/en/contacts

Alert History

If you want to see full details history, please login or register.

Date	Informations
2023-11-07 21:27:23	Multiple Updates
2023-10-26 21:27:21	First insertion

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0241s

Facebook rss twitter linkedin mail