Lucene search
CERTVDECVELIST:CVE-2023-39167HistoryDec 07, 2023 - 2:05 p.m.
CVE-2023-39167 SENEC: Storage Box V1,V2 and V3 affected by improper access control vulnerability
2023-12-0714:05:01
CWE-862
CERTVDE
www.cve.org
1
cve-2023-39167
senec
storage box
unauthenticated remote attacker
logfiles
sensitive data
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.003 Low
EPSS
Percentile
68.6%
InΒ SENEC Storage Box V1,V2 and V3 an unauthenticated remote attacker can obtain the devicesβ logfiles that contain sensitive data.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Storage Box V1",
"vendor": "SENEC",
"versions": [
{
"status": "affected",
"version": "all (until 19.06.2023)"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Storage Box V2",
"vendor": "SENEC",
"versions": [
{
"status": "affected",
"version": "all (until 19.06.2023)"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Storage Box V3",
"vendor": "SENEC",
"versions": [
{
"status": "affected",
"version": "all (until 19.06.2023)"
}
]
}
]References
Related
nvd
nvd
CVE-2023-39167
2023-12-07 14:15:07
CVE-2023-39168
2023-12-07 14:15:07
packetstorm
packetstorm
EnBw SENEC Legacy Storage Box Log Disclosure
2023-11-14 00:00:00
EnBw SENEC Legacy Storage Box Information Disclosure
2023-11-13 00:00:00
EnBw SENEC Legacy Storage Box Hardcoded Credentials
2023-11-13 00:00:00
prion
prion
Code injection
2023-12-07 14:15:00
Open redirect
2023-12-07 14:15:00
cve
cve
CVE-2023-39167
2023-12-07 14:15:07
CVE-2023-39168
2023-12-07 14:15:07
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.003 Low
EPSS
Percentile
68.6%
Related for CVELIST:CVE-2023-39167