Lucene search
IcscertCVELIST:CVE-2023-1898HistoryJun 12, 2023 - 7:16 p.m.
CVE-2023-1898 CVE-2023-1898
2023-06-1219:16:40
icscert
www.cve.org
1
atlas copco
power focus 6000
web server
session id
vulnerability
data retrieval
active user
9.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
9.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
43.2%
Atlas Copco Power Focus 6000 web server uses a small amount of session ID numbers. An attacker could enter a session ID number to retrieve data for an active user’s session.
CNA Affected
[
{
"vendor": "Atlas Copco",
"product": "Power Focus",
"versions": [
{
"status": "affected",
"version": "6000"
}
]
}
]Related
nvd
nvd
CVE-2023-1898
2023-06-12 20:15:11
prion
prion
Session fixation
2023-06-12 20:15:00
cve
cve
CVE-2023-1898
2023-06-12 20:15:11
ics
ics
Atlas Copco Power Focus 6000
2023-06-08 12:00:00
9.4 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
9.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
43.2%
Related for CVELIST:CVE-2023-1898