Lucene search

[email protected]NVD:CVE-2023-51761

HistoryFeb 09, 2024 - 4:15 a.m.

CVE-2023-51761

2024-02-0904:15:08

CWE-287

[email protected]

web.nvd.nist.gov

emerson rosemount gc370xa

gc700xa

gc1500xa

authentication bypass

network access

admin capabilities

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could bypass authentication and acquire admin capabilities.

Affected configurations

NVD

Node

emersongc370xaMatch-

AND

emersongc370xa_firmwareMatch4.1.5

Node

emersongc700xaMatch-

AND

emersongc700xa_firmwareMatch4.1.5

Node

emersongc1500xaMatch-

AND

emersongc1500xa_firmwareMatch4.1.5

References

www.cisa.gov/news-events/ics-advisories/icsa-24-030-01

www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

Related for NVD:CVE-2023-51761

cvelist1 cve1 prion1 ics1 thn1