Lucene search
MitreCVE-2023-23590HistoryJan 15, 2023 - 5:15 a.m.
CVE-2023-23590
2023-01-1505:15:09
mitre
web.nvd.nist.gov
22
mercedes-benz
xentry
retail
data storage
7.8.1
vulnerability
remote attackers
denial of service
unauthenticated api
network vulnerability
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.4
Confidence
High
EPSS
0.002
Percentile
58.2%
Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers to cause a denial of service (device restart) via an unauthenticated API request. The attacker must be on the same network as the device.
Affected configurations
Node
mercedes-benzxentry_retail_data_storage_firmwareMatch7.8.1
mercedes-benzxentry_retail_data_storageMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mercedes-benz | xentry_retail_data_storage_firmware | 7.8.1 | cpe:2.3:o:mercedes-benz:xentry_retail_data_storage_firmware:7.8.1:*:*:*:*:*:*:* |
| mercedes-benz | xentry_retail_data_storage | - | cpe:2.3:h:mercedes-benz:xentry_retail_data_storage:-:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2023-23590
2023-01-15 05:15:09
cvelist
cvelist
CVE-2023-23590
2023-01-15 00:00:00
prion
prion
Design/Logic Flaw
2023-01-15 05:15:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.4
Confidence
High
EPSS
0.002
Percentile
58.2%
Related for CVE-2023-23590