PT-2023-23222 · Unknown · Ac-Wapu-300-P+4

Masahiro Iida

·

Published

2023-06-13

·

Updated

2025-01-03

·

CVE-2023-31196

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions AC-PD-WAPU versions 1.05 B04 and earlier AC-PD-WAPUM versions 1.05 B04 and earlier AC-PD-WAPU-P versions 1.05 B04P and earlier AC-PD-WAPUM-P versions 1.05 B04P and earlier AC-WAPU-300 versions 1.00 B07 and earlier AC-WAPUM-300 versions 1.00 B07 and earlier AC-WAPU-300-P versions 1.00 B07 and earlier AC-WAPUM-300-P versions 1.00 B07 and earlier
Description The issue is related to missing authentication for a critical function in Wi-Fi AP UNIT, allowing a remote unauthenticated attacker to obtain sensitive information of the affected products.
Recommendations For AC-PD-WAPU versions 1.05 B04 and earlier, update to a version later than 1.05 B04. For AC-PD-WAPUM versions 1.05 B04 and earlier, update to a version later than 1.05 B04. For AC-PD-WAPU-P versions 1.05 B04P and earlier, update to a version later than 1.05 B04P. For AC-PD-WAPUM-P versions 1.05 B04P and earlier, update to a version later than 1.05 B04P. For AC-WAPU-300 versions 1.00 B07 and earlier, update to a version later than 1.00 B07. For AC-WAPUM-300 versions 1.00 B07 and earlier, update to a version later than 1.00 B07. For AC-WAPU-300-P versions 1.00 B07 and earlier, update to a version later than 1.00 B07. For AC-WAPUM-300-P versions 1.00 B07 and earlier, update to a version later than 1.00 B07.

Fix

Missing Authentication

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2023-31196

Affected Products

Ac-Pd-Wapum
Ac-Pd-Wapu-P
Ac-Pd-Wapum-P
Ac-Wapu-300
Ac-Wapu-300-P