Lucene search
IcscertCVELIST:CVE-2023-36607HistoryJun 29, 2023 - 8:30 p.m.
CVE-2023-36607 CVE-2023-36607
2023-06-2920:30:13
CWE-862
icscert
www.cve.org
cve-2023-36607
authorization
sensitive information
software versions
web server
The affected TBox RTUs are missing authorization for running some API commands. An attacker running these commands could reveal sensitive information such as software versions and web server file contents.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "TBox RM2",
"vendor": "Ovarro",
"versions": [
{
"lessThanOrEqual": "1.50.598",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TBox TG2",
"vendor": "Ovarro",
"versions": [
{
"lessThanOrEqual": "1.50.598",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TBox LT2",
"vendor": "Ovarro",
"versions": [
{
"lessThanOrEqual": "1.50.598",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TBox MS-CPU32-S2",
"vendor": "Ovarro",
"versions": [
{
"lessThanOrEqual": "1.50.598",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TBox MS-CPU32",
"vendor": "Ovarro",
"versions": [
{
"lessThanOrEqual": "1.50.598",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2023-36607
2023-06-29 21:15:09
cve
cve
CVE-2023-36607
2023-06-29 21:15:09
prion
prion
Authorization
2023-06-29 21:15:00
ics
ics
βOvarro TBox RTUs
2023-06-29 12:00:00