Lucene search

[email protected]NVD:CVE-2023-44318

HistoryNov 14, 2023 - 11:15 a.m.

CVE-2023-44318

2023-11-1411:15:12

CWE-321

[email protected]

web.nvd.nist.gov

cve-2023-44318

obfuscation

configuration backup

authenticated attacker

administrative privileges

4.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

25.0%

JSON

Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that obtains a configuration backup to extract configuration information from the exported file.

Affected configurations

NVD

Node

siemens6gk5205-3bb00-2ab2Match-

AND

siemens6gk5205-3bb00-2ab2_firmwareRange<4.5

Node

siemens6gk5205-3bb00-2tb2Match-

AND

siemens6gk5205-3bb00-2tb2_firmwareRange<4.5

Node

siemens6gk5205-3bd00-2tb2Match-

AND

siemens6gk5205-3bd00-2tb2_firmwareRange<4.5

Node

siemens6gk5205-3bd00-2ab2Match-

AND

siemens6gk5205-3bd00-2ab2_firmwareRange<4.5

Node

siemens6gk5205-3bf00-2tb2Match-

AND

siemens6gk5205-3bf00-2tb2_firmwareRange≤4.5

Node

siemens6gk5205-3bf00-2ab2Match-

AND

siemens6gk5205-3bf00-2ab2_firmwareRange<4.5

Node

siemens6gk5208-0ba00-2tb2Match-

AND

siemens6gk5208-0ba00-2tb2_firmwareRange<4.5

Node

siemens6gk5208-0ba00-2ab2Match-

AND

siemens6gk5208-0ba00-2ab2_firmwareRange<4.5

Node

siemens6gk5213-3bd00-2tb2_firmwareRange<4.5

AND

siemens6gk5213-3bd00-2tb2Match-

Node

siemens6gk5213-3bd00-2ab2_firmwareRange<4.5

AND

siemens6gk5213-3bd00-2ab2Match-

Node

siemens6gk5213-3bb00-2tb2_firmwareRange<4.5

AND

siemens6gk5213-3bb00-2tb2Match-

Node

siemens6gk5213-3bb00-2ab2_firmwareRange<4.5

AND

siemens6gk5213-3bb00-2ab2Match-

Node

siemens6gk5213-3bf00-2tb2_firmwareRange<4.5

AND

siemens6gk5213-3bf00-2tb2Match-

Node

siemens6gk5213-3bf00-2ab2_firmwareRange<4.5

AND

siemens6gk5213-3bf00-2ab2Match-

Node

siemens6gk5216-0ba00-2tb2_firmwareRange<4.5

AND

siemens6gk5216-0ba00-2tb2Match-

Node

siemens6gk5216-0ba00-2ab2_firmwareRange<4.5

AND

siemens6gk5216-0ba00-2ab2Match-

Node

siemens6gk5206-2bd00-2ac2_firmwareRange<4.5

AND

siemens6gk5206-2bd00-2ac2Match-

Node

siemens6gk5206-2bb00-2ac2Match-

AND

siemens6gk5206-2bb00-2ac2_firmwareRange<4.5

Node

siemens6gk5206-2rs00-2ac2_firmwareRange<4.5

AND

siemens6gk5206-2rs00-2ac2Match-

Node

siemens6gk5206-2rs00-5ac2_firmwareRange<4.5

AND

siemens6gk5206-2rs00-5ac2Match-

Node

siemens6gk5206-2rs00-5fc2_firmwareRange<4.5

AND

siemens6gk5206-2rs00-5fc2Match-

Node

siemens6gk5206-2bs00-2ac2_firmwareRange<4.5

AND

siemens6gk5206-2bs00-2ac2Match-

Node

siemens6gk5206-2bs00-2fc2_firmwareRange<4.5

AND

siemens6gk5206-2bs00-2fc2Match-

Node

siemens6gk5206-2gs00-2ac2_firmwareRange<4.5

AND

siemens6gk5206-2gs00-2ac2Match-

Node

siemens6gk5206-2gs00-2tc2_firmwareRange<4.5

AND

siemens6gk5206-2gs00-2tc2Match-

Node

siemens6gk5206-2gs00-2fc2_firmwareRange<4.5

AND

siemens6gk5206-2gs00-2fc2Match-

Node

siemens6gk5208-0ba00-2ac2_firmwareRange<4.5

AND

siemens6gk5208-0ba00-2ac2Match-

Node

siemens6gk5208-0ba00-2fc2_firmwareRange<4.5

AND

siemens6gk5208-0ba00-2fc2Match-

Node

siemens6gk5208-0ga00-2ac2_firmwareRange<4.5

AND

siemens6gk5208-0ga00-2ac2Match-

Node

siemens6gk5208-0ga00-2tc2_firmwareRange<4.5

AND

siemens6gk5208-0ga00-2tc2Match-

Node

siemens6gk5208-0ga00-2fc2_firmwareRange<4.5

AND

siemens6gk5208-0ga00-2fc2Match-

Node

siemens6gk5208-0ra00-2ac2_firmwareRange<4.5

AND

siemens6gk5208-0ra00-2ac2Match-

Node

siemens6gk5208-0ra00-5ac2_firmwareRange<4.5

AND

siemens6gk5208-0ra00-5ac2Match-

Node

siemens6gk5216-0ba00-2ac2_firmwareRange<4.5

AND

siemens6gk5216-0ba00-2ac2Match-

Node

siemens6gk5216-3rs00-2ac2_firmwareRange<4.5

AND

siemens6gk5216-3rs00-2ac2Match-

Node

siemens6gk5216-3rs00-5ac2_firmwareRange<4.5

AND

siemens6gk5216-3rs00-5ac2Match-

Node

siemens6gk5216-4bs00-2ac2_firmwareRange<4.5

AND

siemens6gk5216-4bs00-2ac2Match-

Node

siemens6gk5216-4gs00-2ac2_firmwareRange<4.5

AND

siemens6gk5216-4gs00-2ac2Match-

Node

siemens6gk5216-4gs00-2tc2_firmwareRange<4.5

AND

siemens6gk5216-4gs00-2tc2Match-

Node

siemens6gk5216-4gs00-2fc2_firmwareRange<4.5

AND

siemens6gk5216-4gs00-2fc2Match-

Node

siemens6gk5216-0ba00-2fc2_firmwareRange<4.5

AND

siemens6gk5216-0ba00-2fc2Match-

Node

siemens6gk5224-0ba00-2ac2_firmwareRange<4.5

AND

siemens6gk5224-0ba00-2ac2Match-

Node

siemens6gk5224-4gs00-2ac2_firmwareRange<4.5

AND

siemens6gk5224-4gs00-2ac2Match-

Node

siemens6gk5224-4gs00-2tc2_firmwareRange<4.5

AND

siemens6gk5224-4gs00-2tc2Match-

Node

siemens6gk5224-4gs00-2fc2_firmwareRange<4.5

AND

siemens6gk5224-4gs00-2fc2Match-

Node

siemens6gk5204-0ba00-2gf2_firmwareRange<4.5

AND

siemens6gk5204-0ba00-2gf2Match-

Node

siemens6gk5204-0ba00-2yf2_firmwareRange<4.5

AND

siemens6gk5204-0ba00-2yf2Match-

Node

siemens6gk5204-2aa00-2gf2_firmwareRange<4.5

AND

siemens6gk5204-2aa00-2gf2Match-

Node

siemens6gk5204-2aa00-2yf2_firmwareRange<4.5

AND

siemens6gk5204-2aa00-2yf2Match-

Node

siemens6gk5208-0ha00-2as6_firmwareRange<4.5

AND

siemens6gk5208-0ha00-2as6Match-

Node

siemens6gk5208-0ha00-2ts6_firmwareRange<4.5

AND

siemens6gk5208-0ha00-2ts6Match-

Node

siemens6gk5208-0ha00-2es6_firmwareRange<4.5

AND

siemens6gk5208-0ha00-2es6Match-

Node

siemens6gk5208-0ua00-5es6_firmwareRange<4.5

AND

siemens6gk5208-0ua00-5es6Match-

Node

siemens6gk5216-0ha00-2as6_firmwareRange<4.5

AND

siemens6gk5216-0ha00-2as6Match-

Node

siemens6gk5216-0ha00-2ts6_firmwareRange<4.5

AND

siemens6gk5216-0ha00-2ts6Match-

Node

siemens6gk5216-0ha00-2es6_firmwareRange<4.5

AND

siemens6gk5216-0ha00-2es6Match-

Node

siemens6gk5216-0ua00-5es6_firmwareRange<4.5

AND

siemens6gk5216-0ua00-5es6Match-

Node

siemens6gk5324-0ba00-3ar3_firmwareRange<4.5

AND

siemens6gk5324-0ba00-3ar3Match-

Node

siemens6gk5324-0ba00-2ar3_firmwareRange<4.5

AND

siemens6gk5324-0ba00-2ar3Match-

Node

siemens6gk5326-2qs00-3ar3_firmwareRange<4.5

AND

siemens6gk5326-2qs00-3ar3Match-

Node

siemens6gk5326-2qs00-3rr3_firmwareRange<4.5

AND

siemens6gk5326-2qs00-3rr3Match-

Node

siemens6gk5328-4fs00-3ar3_firmwareRange<4.5

AND

siemens6gk5328-4fs00-3ar3Match-

Node

siemens6gk5328-4fs00-3rr3_firmwareRange<4.5

AND

siemens6gk5328-4fs00-3rr3Match-

Node

siemens6gk5328-4fs00-2ar3_firmwareRange<4.5

AND

siemens6gk5328-4fs00-2ar3Match-

Node

siemens6gk5328-4fs00-2rr3_firmwareRange<4.5

AND

siemens6gk5328-4fs00-2rr3Match-

Node

siemens6gk5328-4ss00-3ar3_firmwareRange<4.5

AND

siemens6gk5328-4ss00-3ar3Match-

Node

siemens6gk5328-4ss00-2ar3_firmwareRange<4.5

AND

siemens6gk5328-4ss00-2ar3Match-

Node

siemens6ag1206-2bb00-7ac2_firmwareRange<4.5

AND

siemens6ag1206-2bb00-7ac2Match-

Node

siemens6ag1206-2bs00-7ac2_firmwareRange<4.5

AND

siemens6ag1206-2bs00-7ac2Match-

Node

siemens6ag1208-0ba00-7ac2_firmwareRange<4.5

AND

siemens6ag1208-0ba00-7ac2Match-

Node

siemens6ag1216-4bs00-7ac2_firmwareRange<4.5

AND

siemens6ag1216-4bs00-7ac2Match-

References

cert-portal.siemens.com/productcert/html/ssa-180704.html

cert-portal.siemens.com/productcert/html/ssa-353002.html

cert-portal.siemens.com/productcert/html/ssa-690517.html

cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf

cert-portal.siemens.com/productcert/pdf/ssa-699386.pdf

4.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

25.0%

JSON

Related for NVD:CVE-2023-44318

cvelist1 cve1 prion1 cnvd1 nessus1 ics4