Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain an improper access control vulnerability, which could allow an attacker to retrieve Gateway configuration files to obtain plaintext credentials.
References
Link | Resource |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-02 | Third Party Advisory US Government Resource |
Configurations
History
30 Mar 2023, 22:53
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:deltaww:infrasuite_device_master:*:*:*:*:*:*:*:* | |
References | (MISC) https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-02 - Third Party Advisory, US Government Resource | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
First Time |
Deltaww infrasuite Device Master
Deltaww |
27 Mar 2023, 17:04
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-27 15:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-1138
Mitre link : CVE-2023-1138
CVE.ORG link : CVE-2023-1138
JSON object : View
Products Affected
deltaww
- infrasuite_device_master
CWE