CVE-2023-4230

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions ioLogik 4000 Series (ioLogik E4200) versions v1.6 and prior

Description A vulnerability has been identified that may facilitate the collection of information on ioLogik 4000 Series devices, potentially enabling attackers to gather information for assessing vulnerabilities and attack vectors. The issue is related to the lack of protection for service data in the ioLogik web server, which could allow a remote attacker to gain unauthorized access to protected information.

Recommendations For ioLogik 4000 Series (ioLogik E4200) versions v1.6 and prior, update the firmware to a version later than v1.6 to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.

Fix

Exposure of Resource to Wrong Sphere

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-668CWE-200

Related Identifiers

BDU:2023-04962

CVE-2023-4230

Affected Products

Iologik 4000 Series

CVE-2023-4230

Weakness Enumeration

Related Identifiers

Affected Products

References · 5