PT-2024-15175 · Unknown · Sciener Server

Published

2024-03-15

Updated

2024-03-17

CVE-2023-7007

CVSS v3.1

8.2

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions Sciener server (affected versions not specified)

Description The Sciener server does not validate connection requests from the GatewayG2, allowing an impersonation attack. This attack provides the attacker with the unlockKey field.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-7007

Affected Products

Sciener Server

PT-2024-15175 · Unknown · Sciener Server

CVE-2023-7007

Related Identifiers

Affected Products

References · 7