ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition.
References
Link | Resource |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-01 | Patch Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
History
28 Dec 2023, 19:26
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:etictelecom:ras-ec-400-lw:-:*:*:*:*:*:*:* cpe:2.3:h:etictelecom:rfm-e:-:*:*:*:*:*:*:* cpe:2.3:o:etictelecom:remote_access_server_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:etictelecom:ras-ew-100:-:*:*:*:*:*:*:* cpe:2.3:h:etictelecom:ras-e-400:-:*:*:*:*:*:*:* cpe:2.3:h:etictelecom:ras-ec-480-lw:-:*:*:*:*:*:*:* cpe:2.3:h:etictelecom:ras-ew-220:-:*:*:*:*:*:*:* cpe:2.3:h:etictelecom:ras-ew-400:-:*:*:*:*:*:*:* cpe:2.3:h:etictelecom:ras-ec-220-lw:-:*:*:*:*:*:*:* cpe:2.3:h:etictelecom:ras-ecw-400-lw:-:*:*:*:*:*:*:* cpe:2.3:h:etictelecom:ras-c-100-lw:-:*:*:*:*:*:*:* cpe:2.3:h:etictelecom:ras-e-100:-:*:*:*:*:*:*:* cpe:2.3:h:etictelecom:ras-ecw-220-lw:-:*:*:*:*:*:*:* cpe:2.3:h:etictelecom:ras-e-220:-:*:*:*:*:*:*:* |
|
First Time |
Etictelecom remote Access Server Firmware
Etictelecom ras-e-100 Etictelecom ras-ecw-220-lw Etictelecom ras-ew-400 Etictelecom ras-ew-220 Etictelecom ras-ew-100 Etictelecom ras-ec-400-lw Etictelecom ras-ec-220-lw Etictelecom ras-e-220 Etictelecom rfm-e Etictelecom ras-e-400 Etictelecom ras-c-100-lw Etictelecom ras-ecw-400-lw Etictelecom ras-ec-480-lw |
01 Sep 2023, 18:11
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-01 - Patch, Third Party Advisory, US Government Resource | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.1 |
CPE | cpe:2.3:a:etictelecom:remote_access_server:*:*:*:*:*:*:*:* | |
First Time |
Etictelecom remote Access Server
Etictelecom |
23 Aug 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-23 22:15
Updated : 2023-12-28 19:26
NVD link : CVE-2023-3453
Mitre link : CVE-2023-3453
CVE.ORG link : CVE-2023-3453
JSON object : View
Products Affected
etictelecom
- ras-ecw-400-lw
- remote_access_server_firmware
- ras-e-220
- ras-e-400
- ras-ec-480-lw
- ras-ec-220-lw
- ras-ecw-220-lw
- ras-c-100-lw
- rfm-e
- ras-ew-220
- ras-ew-100
- ras-e-100
- ras-ec-400-lw
- ras-ew-400
CWE
CWE-1188
Insecure Default Initialization of Resource