CVE-2023-51438
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
9.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
38.6%
A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfishยฎ server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| microchip:maxview_storage_manager | microchip maxview storage manager | lt | 4.14.00.26068 |
CNA Affected
[
{
"vendor": "Siemens",
"product": "SIMATIC IPC1047E",
"versions": [
{
"version": "All versions with maxView Storage Manager < V4.14.00.26068 on Windows",
"status": "affected"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "SIMATIC IPC647E",
"versions": [
{
"version": "All versions with maxView Storage Manager < V4.14.00.26068 on Windows",
"status": "affected"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Siemens",
"product": "SIMATIC IPC847E",
"versions": [
{
"version": "All versions with maxView Storage Manager < V4.14.00.26068 on Windows",
"status": "affected"
}
],
"defaultStatus": "unknown"
}
]Related
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
9.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
38.6%