Lucene search
HistoryMar 13, 2023 - 9:15 p.m.
CVE-2023-0346
akuvox
e11
cloud login
http connection
unencrypted
attacker
access
mac address
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.7
Confidence
High
EPSS
0.001
Percentile
50.3%
Akuvox E11 cloud login is performed through an unencrypted HTTP connection. An attacker could gain access to the Akuvox cloud and device if the MAC address of a device if known.
Affected configurations
Node
akuvoxe11_firmwareMatch-
akuvoxe11Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| akuvox | e11_firmware | - | cpe:2.3:o:akuvox:e11_firmware:-:*:*:*:*:*:*:* |
| akuvox | e11 | - | cpe:2.3:h:akuvox:e11:-:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2023-0346
2023-03-13 21:15:13
prion
prion
Design/Logic Flaw
2023-03-13 21:15:00
cvelist
cvelist
CVE-2023-0346 CVE-2023-0346
2023-03-13 20:28:00
ics
ics
Akuvox E11
2023-03-09 12:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.7
Confidence
High
EPSS
0.001
Percentile
50.3%
Related for NVD:CVE-2023-0346