Lucene search

[email protected]NVD:CVE-2023-36082

HistoryAug 03, 2023 - 1:15 a.m.

CVE-2023-36082

2023-08-0301:15:11

CWE-522

[email protected]

web.nvd.nist.gov

gatesair

flexiva

transmitter

security

vulnerability

remote

privilege escalation

ldap

smtp

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.003

Percentile

68.3%

JSON

An isssue in GatesAIr Flexiva FM Transmitter/Exiter Fax 150W allows a remote attacker to gain privileges via the LDAP and SMTP credentials.

Affected configurations

Nvd

Node

gatesairflexiva_fax_150w_firmwareMatch-

AND

gatesairflexiva_fax_150wMatch-

VendorProductVersionCPE
gatesairflexiva_fax_150w_firmware-cpe:2.3:o:gatesair:flexiva_fax_150w_firmware:-:*:*:*:*:*:*:*
gatesairflexiva_fax_150w-cpe:2.3:h:gatesair:flexiva_fax_150w:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gatesair	flexiva_fax_150w_firmware	-	cpe:2.3:o:gatesair:flexiva_fax_150w_firmware:-:::::::*
gatesair	flexiva_fax_150w	-	cpe:2.3:h:gatesair:flexiva_fax_150w:-:::::::*

References

flexiva.com

gatesair.com

strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-36082

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.003

Percentile

68.3%

JSON

Related for NVD:CVE-2023-36082

cvelist1 prion1 cve1