PT-2023-23269 · Unknown · Istar Edge G2+3
Published
2023-07-11
·
Updated
2023-07-20
·
CVE-2023-3127
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
iSTAR Ultra (affected versions not specified)
iSTAR Ultra LT (affected versions not specified)
iSTAR Ultra G2 (affected versions not specified)
iSTAR Edge G2 (affected versions not specified)
Description
An unauthenticated user could log into the systems with administrator rights.
Recommendations
For iSTAR Ultra, restrict access to administrator accounts until a fix is available.
For iSTAR Ultra LT, consider disabling remote login functionality as a temporary workaround.
For iSTAR Ultra G2, limit access to sensitive areas of the system to minimize potential damage.
For iSTAR Edge G2, avoid using default administrator credentials and change them to strong passwords as an interim measure.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Istar Edge G2
Istar Ultra
Istar Ultra G2
Istar Ultra Lt