Lucene search

TenableCVELIST:CVE-2023-5642

HistoryOct 18, 2023 - 3:04 p.m.

CVE-2023-5642 Advantech R-SeeNet Unauthenticated Read/Write

2023-10-1815:04:29

CWE-200

tenable

www.cve.org

cve-2023-5642

advantech r-seenet

unauthenticated access

snmp information

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.003

Percentile

71.4%

JSON

Advantech R-SeeNet v2.4.23 allows an unauthenticated remote attacker to read from and write to the snmpmon.ini file, which contains sensitive information.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "R-SeeNet",
    "vendor": "Advantech",
    "versions": [
      {
        "lessThan": "2.4.23",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

tenable.com/security/research/tra-2023-33

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.003

Percentile

71.4%

JSON

Related for CVELIST:CVE-2023-5642