Lucene search

[email protected]NVD:CVE-2023-36497

HistorySep 11, 2023 - 8:15 p.m.

CVE-2023-36497

2023-09-1120:15:09

CWE-284

[email protected]

web.nvd.nist.gov

vulnerability

user privilege escalation

web console configuration

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.4%

JSON

Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3

could allow a guest user to elevate to admin privileges.

Affected configurations

NVD

Node

doverfuelingsolutionsmaglink_lx_3Match-

AND

doverfuelingsolutionsmaglink_lx_web_console_configurationMatch2.5.1

doverfuelingsolutionsmaglink_lx_web_console_configurationMatch2.5.2

doverfuelingsolutionsmaglink_lx_web_console_configurationMatch2.5.3

doverfuelingsolutionsmaglink_lx_web_console_configurationMatch2.6.1

doverfuelingsolutionsmaglink_lx_web_console_configurationMatch2.11

doverfuelingsolutionsmaglink_lx_web_console_configurationMatch3.0

doverfuelingsolutionsmaglink_lx_web_console_configurationMatch3.2

doverfuelingsolutionsmaglink_lx_web_console_configurationMatch3.3

References

www.cisa.gov/news-events/ics-advisories/icsa-23-250-01

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.4%

JSON

Related for NVD:CVE-2023-36497

prion1 cvelist1 cve1 ics1