Lucene search
DIVDCVE-2023-22577HistoryApr 24, 2023 - 9:15 a.m.
CVE-2023-22577
2023-04-2409:15:09
CWE-200
DIVD
web.nvd.nist.gov
22
cve
2023
22577
white rabbit switch
unauthenticated user
sensitive information
password hashes
snmp community strings
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
High
EPSS
0.002
Percentile
61.3%
Within White Rabbit Switch it’s possible as an unauthenticated user to retrieve sensitive information such as password hashes and the SNMP community strings.
Affected configurations
Node
home.cernwhite_rabbit_switchMatch-
home.cernwhite_rabbit_switch_firmwareRange≤6.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| home.cern | white_rabbit_switch | - | cpe:2.3:h:home.cern:white_rabbit_switch:-:*:*:*:*:*:*:* |
| home.cern | white_rabbit_switch_firmware | * | cpe:2.3:o:home.cern:white_rabbit_switch_firmware:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "White Rabbit Switch",
"vendor": "CERN",
"versions": [
{
"lessThanOrEqual": "v6.0.1",
"status": "affected",
"version": "< v6.0.1",
"versionType": "vx.y.z"
}
]
}
]Related
prion
prion
Information disclosure
2023-04-24 09:15:00
cvelist
cvelist
CVE-2023-22577 White Rabbit Switch - Password Disclosure Vulnerability
2023-04-24 08:14:53
nvd
nvd
CVE-2023-22577
2023-04-24 09:15:09
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
High
EPSS
0.002
Percentile
61.3%
Related for CVE-2023-22577