10
CVE-2023-1968
- EPSS 0.17%
- Veröffentlicht 28.04.2023 19:15:16
- Zuletzt bearbeitet 21.11.2024 07:40:14
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
LoginInstruments with Illumina Universal Copy Service v2.x are vulnerable due to binding to an unrestricted IP address. An unauthenticated malicious actor could use UCS to listen on all IP addresses, including those capable of accepting remote communications.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Illumina ≫ Iscan Firmware Version4.0.0
Illumina ≫ Iscan Firmware Version4.0.5
Illumina ≫ Miniseq Firmware Version >= 2.0
Illumina ≫ Miseq Firmware Version >= 4.0
Illumina ≫ Miseqdx Firmware SwEdition- Version >= 4.0.1
Illumina ≫ Miseqdx Firmware Version4.0 SwEditionruo
Illumina ≫ Nextseq 500 Firmware Version4.0
Illumina ≫ Nextseq 550 Firmware Version4.0
Illumina ≫ Nextseq 550dx Firmware SwEdition- Version >= 1.0.0 <= 1.3.1
Illumina ≫ Nextseq 550dx Firmware SwEdition- Version >= 1.3.3
Illumina ≫ Nextseq 550dx Firmware Version4.0 SwEditionruo
Illumina ≫ Nextseq 1000 Firmware Version1.4.1
Illumina ≫ Nextseq 2000 Firmware Version1.4.1
Illumina ≫ Novaseq 6000 Firmware Version <= 1.7
Illumina ≫ Novaseq 6000 Firmware Version1.8
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.386 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| ics-cert@hq.dhs.gov | 10 | 3.9 | 6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
CWE-1327 Binding to an Unrestricted IP Address
The product assigns the address 0.0.0.0 for a database server, a cloud service/instance, or any computing resource that communicates remotely.