7.5
CVE-2023-34316
- EPSS 0.63%
- Veröffentlicht 10.07.2023 20:15:15
- Zuletzt bearbeitet 27.01.2025 17:15:14
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
LoginDelta Electronics InfraSuite Device Master Improper Access Control
An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions prior to 1.0.7) patch, which could allow an attacker to retrieve file contents.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Deltaww ≫ Infrasuite Device Master Version < 1.0.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.63% | 0.452 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| ics-cert@hq.dhs.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-552 Files or Directories Accessible to External Parties
The product makes files or directories accessible to unauthorized actors, even though they should not be.
https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-01