CVE-2023-29241

EPSS 0.13%
Veröffentlicht 30.06.2023 22:15:09
Zuletzt bearbeitet 21.11.2024 07:56:44
Quelle psirt@bosch.com
CVE-Watchlists
Login
Unerledigt
Login

Improper Information in Cybersecurity Guidebook in Bosch Building Integration System (BIS) 5.0 may lead to wrong configuration which allows local users to access data via network

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Bosch ≫ Building Integration System Version5.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.13%	0.325

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.1	1.8	5.2	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
psirt@bosch.com	8.1	2.8	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE-1112 Incomplete Documentation of Program Execution

The document does not fully define all mechanisms that are used to control or influence how product-specific programs are executed.

https://psirt.bosch.com/security-advisories/BOSCH-SA-988400-BT.html

Vendor Advisory

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2023-29241

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-29241

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-29241

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-29241