PT-2023-20050 · Aten · Aten Pe8108

Martin Schobert

Published

2023-04-11

Updated

2023-04-14

CVE-2023-25407

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Aten PE8108 version 2.4.232

Description The issue allows restricted users to have read access to administrator credentials due to incorrect access control.

Recommendations For Aten PE8108 version 2.4.232, consider restricting access to sensitive areas of the system until a patch is available. As a temporary workaround, limit the privileges of restricted users to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522

Related Identifiers

CVE-2023-25407

Affected Products

Aten Pe8108

PT-2023-20050 · Aten · Aten Pe8108

CVE-2023-25407

Weakness Enumeration

Related Identifiers

Affected Products

References · 4