5.8
CVE-2023-40708
- EPSS 0.11%
- Veröffentlicht 24.08.2023 17:15:09
- Zuletzt bearbeitet 21.11.2024 08:20:00
- Quelle ot-cert@dragos.com
- CVE-Watchlists
- Unerledigt
LoginThe File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Opto22 ≫ Snap Pac S1 Firmware Versionr10.3b
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.297 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| ot-cert@dragos.com | 5.8 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
|
CWE-1188 Initialization of a Resource with an Insecure Default
The product initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.