Lucene search

[email protected]CVE-2023-23324

HistoryNov 29, 2023 - 1:15 a.m.

CVE-2023-23324

2023-11-2901:15:07

CWE-798

[email protected]

web.nvd.nist.gov

cve-2023

zumtobel netlink ccd

firmware 3.80

hardcoded credentials

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account.

Affected configurations

NVD

Node

zumtobelnetlink_ccd_firmwareMatch3.80

AND

zumtobelnetlink_ccdMatch3.74

CPENameOperatorVersion
zumtobel:netlink_ccd_firmwarezumtobel netlink ccd firmwareeq3.80

CPE	Name	Operator	Version
zumtobel:netlink_ccd_firmware	zumtobel netlink ccd firmware	eq	3.80

References

zumtobel.com

yoroi.company/en/research/cve-advisory-partial-disclosure-zumtobel-multiple-vulnerabilities/

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

Related for CVE-2023-23324

prion1 cvelist1 nvd1