CVE-2023-41965

Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the authentication process.
References
Link Resource
https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:socomec:modulys_gp_firmware:01.12.10:*:*:*:*:*:*:*
cpe:2.3:h:socomec:modulys_gp:-:*:*:*:*:*:*:*

History

07 Nov 2023, 04:21

Type Values Removed Values Added
Summary ** UNSUPPPORTED WHEN ASSIGNED ** Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the authentication process. Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the authentication process.

22 Sep 2023, 14:32

Type Values Removed Values Added
First Time Socomec modulys Gp
Socomec
Socomec modulys Gp Firmware
CPE cpe:2.3:h:socomec:modulys_gp:-:*:*:*:*:*:*:*
cpe:2.3:o:socomec:modulys_gp_firmware:01.12.10:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
References (MISC) https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03 - (MISC) https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03 - Third Party Advisory, US Government Resource

19 Sep 2023, 03:37

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-18 20:15

Updated : 2024-05-17 02:28


NVD link : CVE-2023-41965

Mitre link : CVE-2023-41965

CVE.ORG link : CVE-2023-41965


JSON object : View

Products Affected

socomec

  • modulys_gp
  • modulys_gp_firmware
CWE
CWE-922

Insecure Storage of Sensitive Information