PT-2023-29996 · Linx-151+1 · Linx-151+1
Chizuru Toyama
·
Publicado
2023-11-30
·
Atualizado
2024-09-20
·
CVE-2023-46387
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
LINX-212 and LINX-151 devices (all versions)
Description
The issue is related to Incorrect Access Control via the
dpal config.zml file, allowing remote attackers to disclose sensitive information on device data point configuration.Recommendations
For all versions, consider restricting access to the
dpal config.zml file to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability. Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Linx-151
Linx-212