Lucene search
HistoryAug 31, 2023 - 9:15 p.m.
CVE-2023-4299
cve-2023-4299
digi realport protocol
replay attack
authentication bypass
connected equipment
nvd
9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
8.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.3%
Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment.
Affected configurations
Node
digirealportRange≤1.9-40linux
ORdigirealportRange≤4.8.488.0windows
Node
digiconnectport_ts_8\/16Match-
digiconnectport_ts_8\/16_firmwareRange<2.26.2.4
Node
digipassportMatch-
digipassport_firmwareMatch-
Node
digiconnectport_lts_8\/16\/32_firmwareRange<1.4.9
digiconnectport_lts_8\/16\/32Match-
Node
digicm_firmwareMatch-
digicmMatch-
Node
digiportserver_ts_firmwareMatch-
digiportserver_tsMatch-
Node
digiportserver_ts_mei_firmwareMatch-
digiportserver_ts_meiMatch-
Node
digiportserver_ts_mei_hardened_firmwareMatch-
digiportserver_ts_mei_hardenedMatch-
Node
digiportserver_ts_m_mei_firmwareMatch-
digiportserver_ts_m_meiMatch-
Node
digiportserver_ts_p_mei_firmwareMatch-
digiportserver_ts_p_meiMatch-
Node
digione_iap_firmwareMatch-
digione_iapMatch-
Node
digione_ia_firmwareMatch-
digione_iaMatch-
Node
digione_sp_ia_firmwareMatch-
digione_sp_iaMatch-
Node
digione_sp_firmwareMatch-
digione_spMatch-
Node
digiwr31_firmwareMatch-
digiwr31Match-
Node
digitransport_wr11_xt_firmwareMatch-
digitransport_wr11_xtMatch-
Node
digiwr44_r_firmwareMatch-
digiwr44_rMatch-
Node
digiwr21_firmwareMatch-
digiwr21Match-
Node
digiconnect_es_firmwareRange<2.26.2.4
digiconnect_esMatch-
Node
digiconnect_sp_firmwareMatch-
digiconnect_spMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| digi:realport | digi realport | le | 1.9-40 |
| digi:realport | digi realport | le | 4.8.488.0 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Digi RealPort",
"vendor": "Digi International ",
"versions": [
{
"lessThanOrEqual": "4.8.488.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "Digi RealPort",
"vendor": "Digi International ",
"versions": [
{
"lessThanOrEqual": "1.9-40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi ConnectPort TS 8/16",
"vendor": "Digi International ",
"versions": [
{
"lessThan": "2.26.2.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi Passport Console Server",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi ConnectPort LTS 8/16/32",
"vendor": "Digi International ",
"versions": [
{
"lessThan": "1.4.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi CM Console Server",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi PortServer TS",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi PortServer TS MEI",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi PortServer TS MEI Hardened",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi PortServer TS M MEI",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi PortServer TS P MEI",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi One IAP Family",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi One IA",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi One SP IA",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi One SP",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi WR31",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi WR11 XT",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi WR44 R",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi WR21",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi Connect ES",
"vendor": "Digi International ",
"versions": [
{
"lessThan": "2.26.2.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi Connect SP",
"vendor": "Digi International ",
"versions": [
{
"status": "affected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi 6350-SR",
"vendor": "Digi International ",
"versions": [
{
"status": "unaffected",
"version": "all versions"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Digi ConnectCore 8X products",
"vendor": "Digi International ",
"versions": [
{
"status": "unaffected",
"version": "all versions"
}
]
}
]Related
ics
ics
Digi RealPort Protocol
2023-08-31 12:00:00
prion
prion
Authentication flaw
2023-08-31 21:15:00
cvelist
cvelist
nvd
nvd
CVE-2023-4299
2023-08-31 21:15:09
9 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
8.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.3%
Related for CVE-2023-4299