Lucene search

[email protected]CVE-2023-43609

HistoryFeb 09, 2024 - 4:15 a.m.

CVE-2023-43609

2024-02-0904:15:07

CWE-285

[email protected]

web.nvd.nist.gov

emerson

rosemount

gc370xa

gc700xa

gc1500xa

cve-2023-43609

network security

vulnerability

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.3%

JSON

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could obtain access to sensitive information or cause a denial-of-service condition.

Affected configurations

NVD

Node

emersongc370xaMatch-

AND

emersongc370xa_firmwareMatch4.1.5

Node

emersongc700xaMatch-

AND

emersongc700xa_firmwareMatch4.1.5

Node

emersongc1500xaMatch-

AND

emersongc1500xa_firmwareMatch4.1.5

CPENameOperatorVersion
emerson:gc370xa_firmwareemerson gc370xa firmwareeq4.1.5

CPE	Name	Operator	Version
emerson:gc370xa_firmware	emerson gc370xa firmware	eq	4.1.5

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Rosemount GC370XA",
    "vendor": "Emerson",
    "versions": [
      {
        "lessThanOrEqual": "Version 4.1.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Rosemount GC700XA",
    "vendor": "Emerson",
    "versions": [
      {
        "lessThanOrEqual": "Version 4.1.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Rosemount GC1500XA",
    "vendor": "Emerson",
    "versions": [
      {
        "lessThanOrEqual": "Version 4.1.5",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]