Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiUri Katz of Claroty Team82ZDI-23-1034
HistoryAug 04, 2023 - 12:00 a.m.

Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability

2023-08-0400:00:00
Uri Katz of Claroty Team82
www.zerodayinitiative.com
6
vulnerability
triangle microworks
scada data gateway
get_config
authentication
information disclosure

0.0005 Low

EPSS

Percentile

16.2%

JSON

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the get_config endpoint. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose sensitive information.

Related

nvd 1
cvelist 1
cve 1
nvd
nvd
CVE-2023-39466
2024-05-03 03:15:12
cvelist
cvelist
CVE-2023-39466 Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability
2024-05-03 01:59:28
cve
cve
CVE-2023-39466
2024-05-03 03:15:12

0.0005 Low

EPSS

Percentile

16.2%

JSON
Related for ZDI-23-1034
nvd1cvelist1cve1