8.8
CVE-2023-38585
- EPSS 1.61%
- Veröffentlicht 23.08.2023 03:15:08
- Zuletzt bearbeitet 21.11.2024 08:13:52
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginImproper authentication vulnerability in the CBC products allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter its settings. As for the affected products/versions, see the detailed information provided by the vendor. Note that NR4H, NR8H, NR16H series and DR-16F, DR-8F, DR-4F, DR-16H, DR-8H, DR-4H, DR-4M41 series are no longer supported, therefore updates for those products are not provided.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cbc ≫ Nr4h Firmware Version-
Cbc ≫ Nr8h Firmware Version-
Cbc ≫ Nr16h Firmware Version-
Cbc ≫ Dr-16f42a Firmware Version-
Cbc ≫ Dr-16f45at Firmware Version-
Cbc ≫ Dr-8f42a Firmware Version-
Cbc ≫ Dr-8f45at Firmware Version-
Cbc ≫ Dr-4fx1 Firmware Version-
Cbc ≫ Dr-16h Firmware Version-
Cbc ≫ Dr-8h Firmware Version-
Cbc ≫ Dr-4h Firmware Version-
Cbc ≫ Drh8-4m41-a Firmware Version-
Cbc ≫ Nr8-4m71 Firmware Version-
Cbc ≫ Nr8-8m72 Firmware Version-
Cbc ≫ Nr-16m Firmware Version-
Cbc ≫ Nr-16f85-8pra Firmware Version-
Cbc ≫ Nr-16f82-16p Firmware Version-
Cbc ≫ Nr-4f Firmware Version-
Cbc ≫ Nr-8f Firmware Version-
Cbc ≫ Dr-16m52 Firmware Version-
Cbc ≫ Dr-16m52-av Firmware Version-
Cbc ≫ Dr-8m52-av Firmware Version-
Cbc ≫ Dr-4m51-av Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.61% | 0.812 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.