Panasonic AiSEG2 versions 2.00J through 2.93A allows adjacent attackers bypass authentication due to mishandling of X-Forwarded-For headers.
References
Link | Resource |
---|---|
https://www2.panasonic.biz/jp/densetsu/aiseg/firmup_info.html | Release Notes |
Configurations
Configuration 1 (hide)
AND |
|
History
06 Apr 2023, 18:24
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-287 | |
References | (MISC) https://www2.panasonic.biz/jp/densetsu/aiseg/firmup_info.html - Release Notes | |
First Time |
Panasonic
Panasonic aiseg2 Firmware Panasonic aiseg2 |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CPE | cpe:2.3:o:panasonic:aiseg2_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:panasonic:aiseg2:-:*:*:*:*:*:*:* |
31 Mar 2023, 07:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-31 07:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-28727
Mitre link : CVE-2023-28727
CVE.ORG link : CVE-2023-28727
JSON object : View
Products Affected
panasonic
- aiseg2_firmware
- aiseg2
CWE
CWE-287
Improper Authentication