Lucene search
IcscertCVELIST:CVE-2023-0354HistoryMar 13, 2023 - 8:04 p.m.
CVE-2023-0354 CVE-2023-0354
2023-03-1320:04:43
icscert
www.cve.org
5
akuvox e11
web server
unauthenticated access
potential data breach
packet captures
default urls
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
9.3
Confidence
High
EPSS
0.001
Percentile
50.7%
The Akuvox E11 web server can be accessed without any user authentication, and this could allow an attacker to access sensitive information, as well as create and download packet captures with known default URLs.
CNA Affected
[
{
"vendor": "Akuvox",
"product": "E11",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
]Related
nvd
nvd
CVE-2023-0354
2023-03-13 21:15:13
prion
prion
Authentication flaw
2023-03-13 21:15:00
cve
cve
CVE-2023-0354
2023-03-13 21:15:13
thn
thn
Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom
2023-03-13 07:36:00
ics
ics
Akuvox E11
2023-03-09 12:00:00
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
9.3
Confidence
High
EPSS
0.001
Percentile
50.7%
Related for CVELIST:CVE-2023-0354