9.1
CVE-2023-41256
- EPSS 0.74%
- Veröffentlicht 11.09.2023 19:15:43
- Zuletzt bearbeitet 21.11.2024 08:20:55
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
LoginDover Fueling Solutions MAGLINK LX Console Authentication Bypass
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 are vulnerable to authentication bypass that could allow an unauthorized attacker to obtain user access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Doverfuelingsolutions ≫ Maglink Lx Web Console Configuration Version2.5.1
Doverfuelingsolutions ≫ Maglink Lx Web Console Configuration Version2.5.2
Doverfuelingsolutions ≫ Maglink Lx Web Console Configuration Version2.5.3
Doverfuelingsolutions ≫ Maglink Lx Web Console Configuration Version2.6.1
Doverfuelingsolutions ≫ Maglink Lx Web Console Configuration Version2.11
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.74% | 0.498 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
| ics-cert@hq.dhs.gov | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-288 Authentication Bypass Using an Alternate Path or Channel
The product requires authentication, but the product has an alternate path or channel that does not require authentication.
https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01