Lucene search

K
cvelistIcscertCVELIST:CVE-2023-45213
HistoryFeb 06, 2024 - 9:39 p.m.

CVE-2023-45213 Westermo Lynx Permissive Cross-domain Policy with Untrusted Domains

2024-02-0621:39:36
CWE-942
icscert
www.cve.org
cve-2023-45213
potential attacker
malicious code
device security

6.6 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

6.8 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.0%

A potential attacker with access to the Westermo Lynx device would be able to execute malicious code that could affect the correct functioning of the device.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Lynx",
    "vendor": "Westermo",
    "versions": [
      {
        "status": "affected",
        "version": "L206-F2G1"
      },
      {
        "status": "affected",
        "version": "4.24"
      }
    ]
  }
]

6.6 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

6.8 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.0%

Related for CVELIST:CVE-2023-45213