Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.CYBERPOWER_PPE_CVE-2023-3265.NBINHistoryJan 29, 2024 - 12:00 a.m.
CyberPower PowerPanel Enterprise Authentication Bypass (CVE-2023-3265)
2024-01-2900:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16
cyberpower
powerpanel
enterprise
authentication bypass
cve-2023-3265
binary data
scanner
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
Low
EPSS
0.002
Percentile
54.8%
The CyberPower PowerPanel Enterprise running on the remote host is affected by an authentication bypass vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted message, to login to the application.
Binary data cyberpower_ppe_cve-2023-3265.nbinRelated
cvelist
cvelist
CVE-2023-3265
2023-08-14 04:08:06
nvd
nvd
CVE-2023-3265
2023-08-14 05:15:09
cve
cve
CVE-2023-3265
2023-08-14 05:15:09
prion
prion
Hardcoded credentials
2023-08-14 05:15:00
thn
thn
Multiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk
2023-08-12 21:00:00
trellix
trellix
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
Low
EPSS
0.002
Percentile
54.8%
Related for CYBERPOWER_PPE_CVE-2023-3265.NBIN