PT-2024-15240 · Unknown · Opcuaservertoolkit

Sam Hanson

Published

2024-01-16

Updated

2024-01-24

CVE-2023-7234

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions OPCUAServerToolkit (affected versions not specified)

Description The issue concerns the logging of client connection events. When an OPC UA client successfully connects, the OPCUAServerToolkit logs a message that includes the client's self-defined description field.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Encoding or Escaping of Output

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-116CWE-117

Related Identifiers

CVE-2023-7234

Affected Products

Opcuaservertoolkit

PT-2024-15240 · Unknown · Opcuaservertoolkit

CVE-2023-7234

Weakness Enumeration

Related Identifiers

Affected Products

References · 6