9.8
CVE-2023-43845
- EPSS 0.48%
- Veröffentlicht 28.05.2024 19:15:09
- Zuletzt bearbeitet 30.05.2025 16:25:14
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginAten PE6208 2.3.228 and 2.4.232 have default credentials for the privileged telnet account. The user is not asked to change the credentials after first login. If not changed, attackers can log in to the telnet console and gain administrator privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Aten ≫ Pe6208 Firmware Version >= 2.3.228 < 2.4.239
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.48% | 0.642 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-269 Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.