5 matches found
CVE-2023-26150
Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. Note: This issue is a result of missing checks for services that require an active session...
datapoints (>=0.0.1 <=0.0.2), hvl-ccb (>=0.12.0 <=0.12.3) potentially affected by CVE-2023-26150 via asyncua (>=0.9.94 <=0.9.95)
asyncua PYPI version =0.9.94, =0.0.1, =0.12.0, =0.12.3 Source cves: CVE-2023-26150 Source advisory: OSV:GHSA-2894-QCQF-G23G...
CVE-2023-26150
Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. Note: This issue is a result of missing checks for services that require an active session...
CVE-2023-26150
Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. Note: This issue is a result of missing checks for services that require an active session...
CVE-2023-26150
CVE-2023-26150 affects the Python asyncua package prior to 0.9.96, where Improper Authentication allows access to Address Space without encryption or authentication. The root cause is missing checks for services that require an active session. The impact is primarily confidentiality loss; no inte...