PT-2023-24911 · Etic Telecom · Etic Telecom Ras

Alik Koldobsky

Publicado

2023-08-23

Atualizado

2023-12-28

CVE-2023-3453

CVSS v3.1

8.1

Alta

Vetor

AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions ETIC Telecom RAS versions 4.7.0 and prior

Description The web management portal authentication is disabled by default in the affected versions. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition.

Recommendations For ETIC Telecom RAS versions 4.7.0 and prior, enable the web management portal authentication to prevent unauthorized access and potential configuration alterations or denial-of-service conditions.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-1188

Identificadores relacionados

CVE-2023-3453

Produtos afetados

Etic Telecom Ras

PT-2023-24911 · Etic Telecom · Etic Telecom Ras

CVE-2023-3453

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5