Lucene search
HistoryNov 14, 2023 - 11:15 p.m.
CVE-2023-41570
mikrotik
routeros
v7.1
v7.11
access control
rest api
cve-2023-41570
nvd
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
0.0005 Low
EPSS
Percentile
17.9%
MikroTik RouterOS v7.1 to 7.11 was discovered to contain incorrect access control mechanisms in place for the Rest API.
Affected configurations
Node
mikrotikrouterosRange7.1–7.12-
| CPE | Name | Operator | Version |
|---|---|---|---|
| mikrotik:routeros | mikrotik routeros | lt | 7.12 |
Related
prion
prion
Design/Logic Flaw
2023-11-14 23:15:00
nessus
nessus
MikroTik RouterOS Improper Access Control (CVE-2023-41570)
2024-02-27 00:00:00
openvas
openvas
MikroTik RouterOS 7.1 < 7.12 Access Control Vulnerability
2023-11-24 00:00:00
nvd
nvd
CVE-2023-41570
2023-11-14 23:15:09
cvelist
cvelist
CVE-2023-41570
2023-11-14 00:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
0.0005 Low
EPSS
Percentile
17.9%
Related for CVE-2023-41570