The OPC UA .NET Standard Reference Server before 1.4.371.86. places sensitive information into an error message that may be seen remotely.
References
Link | Resource |
---|---|
https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-31048.pdf | Vendor Advisory |
https://github.com/OPCFoundation/UA-.NETStandard/releases | Release Notes |
https://github.com/OPCFoundation/UA-.NETStandard/releases/tag/1.4.371.86 | Release Notes |
Configurations
History
18 Dec 2023, 14:51
Type | Values Removed | Values Added |
---|---|---|
First Time |
Opcfoundation
Opcfoundation ua-.netstandard |
|
Summary |
|
|
CPE | cpe:2.3:a:opcfoundation:ua-.netstandard:*:*:*:*:*:*:*:* | |
CWE | CWE-209 | |
References | () https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2023-31048.pdf - Vendor Advisory | |
References | () https://github.com/OPCFoundation/UA-.NETStandard/releases - Release Notes | |
References | () https://github.com/OPCFoundation/UA-.NETStandard/releases/tag/1.4.371.86 - Release Notes | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
12 Dec 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-12-12 17:15
Updated : 2023-12-18 14:51
NVD link : CVE-2023-31048
Mitre link : CVE-2023-31048
CVE.ORG link : CVE-2023-31048
JSON object : View
Products Affected
opcfoundation
- ua-.netstandard
CWE
CWE-209
Generation of Error Message Containing Sensitive Information