Lucene search

[email protected]CVE-2023-42769

HistoryOct 26, 2023 - 5:15 p.m.

CVE-2023-42769

2023-10-2617:15:08

CWE-307

CWE-284

[email protected]

web.nvd.nist.gov

cve-2023-42769

cookie session

brute force

authentication bypass

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

51.1%

JSON

The cookie session ID is of insufficient length and can be exploited by
brute force, which may allow a remote attacker to obtain a valid
session, bypass authentication, and manipulate the transmitter.

Affected configurations

NVD

Node

sielcoanalog_fm_transmitter_exc5000gxMatch2.12

AND

sielcoanalog_fm_transmitter_exc5000gx_firmwareMatch-

Node

sielcoanalog_fm_transmitter_exc120gxMatch2.12

AND

sielcoanalog_fm_transmitter_exc120gx_firmwareMatch-

Node

sielcoanalog_fm_transmitter_exc300gxMatch2.11

AND

sielcoanalog_fm_transmitter_exc300gx_firmwareMatch-

Node

sielcoanalog_fm_transmitter_exc1600gxMatch2.10

AND

sielcoanalog_fm_transmitter_exc1600gx_firmwareMatch-

Node

sielcoanalog_fm_transmitter_exc2000gxMatch2.10

AND

sielcoanalog_fm_transmitter_exc2000gx_firmwareMatch-

Node

sielcoanalog_fm_transmitter_exc1600gxMatch2.08

AND

sielcoanalog_fm_transmitter_exc1600gx_firmwareMatch-

Node

sielcoanalog_fm_transmitter_exc1000gxMatch2.08

AND

sielcoanalog_fm_transmitter_exc1000gx_firmwareMatch-

Node

sielcoanalog_fm_transmitter_exc3000gxMatch2.07

AND

sielcoanalog_fm_transmitter_exc3000gx_firmwareMatch-

Node

sielcoanalog_fm_transmitter_exc5000gxMatch2.06

AND

sielcoanalog_fm_transmitter_exc5000gx_firmwareMatch-

Node

sielcoanalog_fm_transmitter_exc30gt_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc30gtMatch1.7.7

Node

sielcoanalog_fm_transmitter_exc300gt_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc300gtMatch1.7.4

Node

sielcoanalog_fm_transmitter_exc100gt_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc100gtMatch1.7.4

Node

sielcoanalog_fm_transmitter_exc5000gt_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc5000gtMatch1.7.4

Node

sielcoanalog_fm_transmitter_exc1000gt_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc1000gtMatch1.6.3

Node

sielcoanalog_fm_transmitter_exc120gt_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc120gtMatch1.5.4

Node

sielcoradio_link_rtx19_firmwareMatch-

AND

sielcoradio_link_rtx19Match2.06

Node

sielcoradio_link_rtx19_firmwareMatch-

AND

sielcoradio_link_rtx19Match2.05

Node

sielcoradio_link_exc19_firmwareMatch-

AND

sielcoradio_link_exc19Match2.00

Node

sielcoradio_link_rtx19_firmwareMatch-

AND

sielcoradio_link_rtx19Match1.60

Node

sielcoradio_link_rtx19_firmwareMatch-

AND

sielcoradio_link_rtx19Match1.59

Node

sielcoradio_link_exc19_firmwareMatch-

AND

sielcoradio_link_exc19Match1.55

CPENameOperatorVersion
sielco:analog_fm_transmitter_exc5000gx_firmwaresielco analog fm transmitter exc5000gx firmwareeq-

CPE	Name	Operator	Version
sielco:analog_fm_transmitter_exc5000gx_firmware	sielco analog fm transmitter exc5000gx firmware	eq	-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Analog FM transmitter",
    "vendor": "Sielco",
    "versions": [
      {
        "status": "affected",
        "version": "2.12 (EXC5000GX)"
      },
      {
        "status": "affected",
        "version": "2.12 (EXC120GX)"
      },
      {
        "status": "affected",
        "version": "2.11 (EXC300GX)"
      },
      {
        "status": "affected",
        "version": "2.10 (EXC1600GX)"
      },
      {
        "status": "affected",
        "version": "2.10 (EXC2000GX)"
      },
      {
        "status": "affected",
        "version": "2.08 (EXC1600GX)"
      },
      {
        "status": "affected",
        "version": "2.08 (EXC1000GX)"
      },
      {
        "status": "affected",
        "version": "2.07 (EXC3000GX)"
      },
      {
        "status": "affected",
        "version": "2.06 (EXC5000GX)"
      },
      {
        "status": "affected",
        "version": "1.7.7 (EXC30GT)"
      },
      {
        "status": "affected",
        "version": "1.7.4 (EXC300GT)"
      },
      {
        "status": "affected",
        "version": "1.7.4 (EXC100GT)"
      },
      {
        "status": "affected",
        "version": "1.7.4 (EXC5000GT)"
      },
      {
        "status": "affected",
        "version": "1.6.3 (EXC1000GT)"
      },
      {
        "status": "affected",
        "version": "1.5.4 (EXC120GT)"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Radio Link",
    "vendor": "Sielco ",
    "versions": [
      {
        "status": "affected",
        "version": "2.06 (RTX19)"
      },
      {
        "status": "affected",
        "version": "2.05 (RTX19)"
      },
      {
        "status": "affected",
        "version": "2.00 (EXC19)"
      },
      {
        "status": "affected",
        "version": "1.60 (RTX19)"
      },
      {
        "status": "affected",
        "version": "1.59 (RTX19)"
      },
      {
        "status": "affected",
        "version": "1.55 (EXC19)"
      }
    ]
  }
]