PT-2023-20050 · Aten · Aten Pe8108

Martin Schobert

Publicado

2023-04-11

Atualizado

2023-04-14

CVE-2023-25407

CVSS v3.1

7.2

Alta

Vetor

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Aten PE8108 version 2.4.232

Description The issue allows restricted users to have read access to administrator credentials due to incorrect access control.

Recommendations For Aten PE8108 version 2.4.232, consider restricting access to sensitive areas of the system until a patch is available. As a temporary workaround, limit the privileges of restricted users to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Insufficiently Protected Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-522

Identificadores relacionados

CVE-2023-25407

Produtos afetados

Aten Pe8108

PT-2023-20050 · Aten · Aten Pe8108

CVE-2023-25407

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4