Lucene search

[email protected]CVE-2023-45317

HistoryOct 26, 2023 - 5:15 p.m.

CVE-2023-45317

2023-10-2617:15:09

CWE-352

[email protected]

web.nvd.nist.gov

cve-2023-45317

application interface

http requests

validity checks

administrative privileges

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

24.3%

JSON

The application interface allows users to perform certain actions via
HTTP requests without performing any validity checks to verify the
requests. This can be exploited to perform certain actions with
administrative privileges if a logged-in user visits a malicious web
site.

Affected configurations

NVD

Node

sielcoanalog_fm_transmitter_exc5000gxMatch2.12

AND

sielcoanalog_fm_transmitter_exc5000gx_firmwareMatch-

Node

sielcoanalog_fm_transmitter_exc120gxMatch2.12

AND

sielcoanalog_fm_transmitter_exc120gx_firmwareMatch-

Node

sielcoanalog_fm_transmitter_exc300gx_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc300gxMatch2.11

Node

sielcoanalog_fm_transmitter_exc1600gx_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc1600gxMatch2.10

Node

sielcoanalog_fm_transmitter_exc2000gx_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc2000gxMatch2.10

Node

sielcoanalog_fm_transmitter_exc1600gx_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc1600gxMatch2.08

Node

sielcoanalog_fm_transmitter_exc1000gx_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc1000gxMatch2.08

Node

sielcoanalog_fm_transmitter_exc3000gx_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc3000gxMatch2.07

Node

sielcoanalog_fm_transmitter_exc5000gx_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc5000gxMatch2.06

Node

sielcoanalog_fm_transmitter_exc30gt_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc30gtMatch1.7.7

Node

sielcoanalog_fm_transmitter_exc300gt_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc300gtMatch1.7.4

Node

sielcoanalog_fm_transmitter_exc100gt_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc100gtMatch1.7.4

Node

sielcoanalog_fm_transmitter_exc5000gt_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc5000gtMatch1.7.4

Node

sielcoanalog_fm_transmitter_exc1000gt_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc1000gtMatch1.6.3

Node

sielcoanalog_fm_transmitter_exc120gt_firmwareMatch-

AND

sielcoanalog_fm_transmitter_exc120gtMatch1.5.4

Node

sielcoradio_link_rtx19_firmwareMatch-

AND

sielcoradio_link_rtx19Match2.06

Node

sielcoradio_link_rtx19_firmwareMatch-

AND

sielcoradio_link_rtx19Match2.05

Node

sielcoradio_link_exc19_firmwareMatch-

AND

sielcoradio_link_exc19Match2.00

Node

sielcoradio_link_rtx19_firmwareMatch-

AND

sielcoradio_link_rtx19Match1.60

Node

sielcoradio_link_rtx19_firmwareMatch-

AND

sielcoradio_link_rtx19Match1.59

Node

sielcoradio_link_exc19_firmwareMatch-

AND

sielcoradio_link_exc19Match1.55

CPENameOperatorVersion
sielco:analog_fm_transmitter_exc5000gx_firmwaresielco analog fm transmitter exc5000gx firmwareeq-

CPE	Name	Operator	Version
sielco:analog_fm_transmitter_exc5000gx_firmware	sielco analog fm transmitter exc5000gx firmware	eq	-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Analog FM transmitter",
    "vendor": "Sielco",
    "versions": [
      {
        "status": "affected",
        "version": "2.12 (EXC5000GX)"
      },
      {
        "status": "affected",
        "version": "2.12 (EXC120GX)"
      },
      {
        "status": "affected",
        "version": "2.11 (EXC300GX)"
      },
      {
        "status": "affected",
        "version": "2.10 (EXC1600GX)"
      },
      {
        "status": "affected",
        "version": "2.10 (EXC2000GX)"
      },
      {
        "status": "affected",
        "version": "2.08 (EXC1600GX)"
      },
      {
        "status": "affected",
        "version": "2.08 (EXC1000GX)"
      },
      {
        "status": "affected",
        "version": "2.07 (EXC3000GX)"
      },
      {
        "status": "affected",
        "version": "2.06 (EXC5000GX)"
      },
      {
        "status": "affected",
        "version": "1.7.7 (EXC30GT)"
      },
      {
        "status": "affected",
        "version": "1.7.4 (EXC300GT)"
      },
      {
        "status": "affected",
        "version": "1.7.4 (EXC100GT)"
      },
      {
        "status": "affected",
        "version": "1.7.4 (EXC5000GT)"
      },
      {
        "status": "affected",
        "version": "1.6.3 (EXC1000GT)"
      },
      {
        "status": "affected",
        "version": "1.5.4 (EXC120GT)"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Radio Link",
    "vendor": "Sielco ",
    "versions": [
      {
        "status": "affected",
        "version": "2.06 (RTX19)"
      },
      {
        "status": "affected",
        "version": "2.05 (RTX19)"
      },
      {
        "status": "affected",
        "version": "2.00 (EXC19)"
      },
      {
        "status": "affected",
        "version": "1.60 (RTX19)"
      },
      {
        "status": "affected",
        "version": "1.59 (RTX19)"
      },
      {
        "status": "affected",
        "version": "1.55 (EXC19)"
      }
    ]
  }
]