8.8
CVE-2023-40158
- EPSS 5.59%
- Veröffentlicht 23.08.2023 03:15:08
- Zuletzt bearbeitet 21.11.2024 08:18:53
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginHidden functionality vulnerability in the CBC products allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter its settings. As for the affected products/versions, see the detailed information provided by the vendor. Note that NR4H, NR8H, NR16H series and DR-16F, DR-8F, DR-4F, DR-16H, DR-8H, DR-4H, DR-4M41 series are no longer supported, therefore updates for those products are not provided.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cbc ≫ Nr4h Firmware Version-
Cbc ≫ Nr8h Firmware Version-
Cbc ≫ Nr16h Firmware Version-
Cbc ≫ Dr-16f42a Firmware Version-
Cbc ≫ Dr-16f45at Firmware Version-
Cbc ≫ Dr-8f42a Firmware Version-
Cbc ≫ Dr-8f45at Firmware Version-
Cbc ≫ Dr-4fx1 Firmware Version-
Cbc ≫ Dr-16h Firmware Version-
Cbc ≫ Dr-8h Firmware Version-
Cbc ≫ Dr-4h Firmware Version-
Cbc ≫ Drh8-4m41-a Firmware Version-
Cbc ≫ Nr8-4m71 Firmware Version-
Cbc ≫ Nr8-8m72 Firmware Version-
Cbc ≫ Nr-16m Firmware Version-
Cbc ≫ Nr-16f85-8pra Firmware Version-
Cbc ≫ Nr-16f82-16p Firmware Version-
Cbc ≫ Nr-4f Firmware Version-
Cbc ≫ Nr-8f Firmware Version-
Cbc ≫ Dr-16m52 Firmware Version-
Cbc ≫ Dr-16m52-av Firmware Version-
Cbc ≫ Dr-8m52-av Firmware Version-
Cbc ≫ Dr-4m51-av Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.59% | 0.901 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-912 Hidden Functionality
The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators.