Lucene search

[email protected]NVD:CVE-2023-6928

HistoryDec 19, 2023 - 11:15 p.m.

CVE-2023-6928

2023-12-1923:15:08

CWE-307

[email protected]

web.nvd.nist.gov

eurotel etl3100

remote password attack

administrative credentials

system control

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

39.3%

JSON

EuroTel ETL3100 versions v01c01 and v01x37 does not limit the number of attempts to guess administrative credentials in remote password attacks to gain full control of the system.

Affected configurations

NVD

Node

euroteletl3100Match-

AND

euroteletl3100_firmwareMatch01c01

euroteletl3100_firmwareMatch01x37

References

www.cisa.gov/news-events/ics-advisories/icsa-23-353-05

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

39.3%

JSON

Related for NVD:CVE-2023-6928

prion1 cvelist1 cve1 zeroscience1 ics1