Lucene search
IcscertCVE-2023-46706HistoryFeb 01, 2024 - 11:15 p.m.
CVE-2023-46706
2024-02-0123:15:09
CWE-798
icscert
web.nvd.nist.gov
12
cve-2023-46706
machinesense
credentials
vulnerability
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.001
Percentile
39.1%
Multiple MachineSense devices have credentials unable to be changed by the user or administrator.
Affected configurations
Node
machinesensefeverwarn_firmwareMatch-
machinesensefeverwarnMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| machinesense | feverwarn_firmware | - | cpe:2.3:o:machinesense:feverwarn_firmware:-:*:*:*:*:*:*:* |
| machinesense | feverwarn | - | cpe:2.3:h:machinesense:feverwarn:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "FeverWarn",
"vendor": "MachineSense",
"versions": [
{
"status": "affected",
"version": "ESP32"
},
{
"status": "affected",
"version": "RaspberryPi"
},
{
"status": "affected",
"version": "DataHub RaspberryPi"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2024-02-01 23:15:00
cvelist
cvelist
CVE-2023-46706 MachineSense FeverWarn Use of Hard-coded Credentials
2024-02-01 22:24:05
vulnrichment
vulnrichment
CVE-2023-46706 MachineSense FeverWarn Use of Hard-coded Credentials
2024-02-01 22:24:05
nvd
nvd
CVE-2023-46706
2024-02-01 23:15:09
ics
ics
MachineSense FeverWarn
2024-01-25 12:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.001
Percentile
39.1%
Related for CVE-2023-46706