Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/13 11:46 a.m.4 views

CVE-2023-37482

The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames...

6.9CVSS6.8AI score0.00486EPSS
Exploits0References3
NVD
NVD
added 2025/02/11 11:15 a.m.7 views

CVE-2023-37482

The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames...

6.9CVSS0.00486EPSS
Exploits0References1
Circl
Circl
added 2025/02/11 10:29 a.m.6 views

CVE-2023-37482

creationtimestamp| type| source ---|---|--- 2025-02-11 10:29:24+00:00| seen| https://infosec.exchange/users/cve/statuses/113984783209414361 2025-02-11 11:15:30+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhvjsp3oef2h 2025-02-13 11:00:00+00:00| seen|...

6.9CVSS4.8AI score0.00486EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/02/11 10:26 a.m.5 views

CVE-2023-37482

The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames...

6.9CVSS5.6AI score0.00486EPSS
Exploits0References1
CVE
CVE
added 2025/02/11 10:26 a.m.67 views

CVE-2023-37482

CVE-2023-37482 affects Siemens SIMATIC web servers (e.g., SIMATIC S7-1200/1500 family). The vulnerability stems from login response timing not being normalized, enabling an unauthenticated remote attacker to perform user enumeration by distinguishing valid vs. invalid usernames via a side channel...

6.9CVSS5.3AI score0.00486EPSS
Exploits0References1
Rows per page
Query Builder