CVE-2023-36497 (GCVE-0-2023-36497)

Vulnerability from cvelistv5 – Published: 2023-09-11 19:36 – Updated: 2025-01-16 21:29
VLAI?
Title
Dover Fueling Solutions MAGLINK LX Web Console Authentication Bypass by Primary Weakness
Summary
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 could allow a guest user to elevate to admin privileges.
Severity ?
8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-305 - Authentication Bypass by Primary Weakness
Assigner
References
Impacted products
Vendor Product Version
Dover Fueling Solutions MAGLINK LX Web Console Configuration Affected: 2.5.1
Affected: 2.5.2
Affected: 2.5.3
Affected: 2.6.1
Affected: 2.11
Affected: 3.0
Affected: 3.2
Affected: 3.3
Create a notification for this product.
Credits
Soufian El Yadmani of Darktrace / CSIRT.global reported these vulnerabilities
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:45:57.209Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-36497",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-16T21:20:25.054838Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-16T21:29:58.801Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "MAGLINK LX Web Console Configuration",
          "vendor": "Dover Fueling Solutions",
          "versions": [
            {
              "status": "affected",
              "version": "2.5.1"
            },
            {
              "status": "affected",
              "version": "2.5.2"
            },
            {
              "status": "affected",
              "version": "2.5.3"
            },
            {
              "status": "affected",
              "version": "2.6.1"
            },
            {
              "status": "affected",
              "version": "2.11"
            },
            {
              "status": "affected",
              "version": "3.0"
            },
            {
              "status": "affected",
              "version": "3.2"
            },
            {
              "status": "affected",
              "version": "3.3"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Soufian El Yadmani of Darktrace / CSIRT.global reported these vulnerabilities"
        }
      ],
      "datePublic": "2023-09-07T18:38:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecould allow a guest user to elevate to admin privileges\u003c/span\u003e."
            }
          ],
          "value": "Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 \n\ncould allow a guest user to elevate to admin privileges."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-305",
              "description": "CWE-305: Authentication Bypass by Primary Weakness",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-24T16:31:42.756Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In 2023, Dover Fueling Solutions announced end-of-life for MAGLINK LX 3 and released MAGLINK LX 4. However, MAGLINK LX 3 version 3.4.2.2.6 and MAGLINK LX 4 fixes these vulnerabilities.\u003cbr\u003e"
            }
          ],
          "value": "In 2023, Dover Fueling Solutions announced end-of-life for MAGLINK LX 3 and released MAGLINK LX 4. However, MAGLINK LX 3 version 3.4.2.2.6 and MAGLINK LX 4 fixes these vulnerabilities."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Dover Fueling Solutions MAGLINK LX Web Console Authentication Bypass by Primary Weakness",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2023-36497",
    "datePublished": "2023-09-11T19:36:26.795Z",
    "dateReserved": "2023-09-01T20:57:37.407Z",
    "dateUpdated": "2025-01-16T21:29:58.801Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C3C3D27-24CD-43C8-BE87-BDD72B25C767\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D7C82DE-6F4D-4143-B0E9-D9ACD9C12AF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97DE034A-BDA6-4B51-A4CC-A680635949F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D2E3F6F-8929-4323-B0E6-97A24A2EE708\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"384A423B-2C17-43D4-991E-1A0324329147\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6565920-179C-42BF-9AF2-1CE627ECD3F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84206322-6805-40D5-BC95-254D669E644D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7737DE0-8334-49C2-A44F-9F47E0BE2438\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:doverfuelingsolutions:maglink_lx_3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"766A65BA-C796-482B-A74B-BCE28D200AB9\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 \\n\\ncould allow a guest user to elevate to admin privileges.\"}, {\"lang\": \"es\", \"value\": \"Las versiones de configuraci\\u00f3n de la consola web MAGLINK LX de Dover Fueling Solutions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2 y 3.3 podr\\u00edan permitir que un usuario invitado eleve a privilegios de administrador.\"}]",
      "id": "CVE-2023-36497",
      "lastModified": "2024-11-21T08:09:49.970",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
      "published": "2023-09-11T20:15:09.017",
      "references": "[{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01\", \"source\": \"ics-cert@hq.dhs.gov\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}]",
      "sourceIdentifier": "ics-cert@hq.dhs.gov",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ics-cert@hq.dhs.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-305\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-36497\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2023-09-11T20:15:09.017\",\"lastModified\":\"2024-11-21T08:09:49.970\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 \\n\\ncould allow a guest user to elevate to admin privileges.\"},{\"lang\":\"es\",\"value\":\"Las versiones de configuraci\u00f3n de la consola web MAGLINK LX de Dover Fueling Solutions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2 y 3.3 podr\u00edan permitir que un usuario invitado eleve a privilegios de administrador.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-305\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C3C3D27-24CD-43C8-BE87-BDD72B25C767\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D7C82DE-6F4D-4143-B0E9-D9ACD9C12AF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97DE034A-BDA6-4B51-A4CC-A680635949F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D2E3F6F-8929-4323-B0E6-97A24A2EE708\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"384A423B-2C17-43D4-991E-1A0324329147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6565920-179C-42BF-9AF2-1CE627ECD3F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84206322-6805-40D5-BC95-254D669E644D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7737DE0-8334-49C2-A44F-9F47E0BE2438\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:doverfuelingsolutions:maglink_lx_3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"766A65BA-C796-482B-A74B-BCE28D200AB9\"}]}]}],\"references\":[{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"defaultStatus\": \"unaffected\", \"product\": \"MAGLINK LX Web Console Configuration\", \"vendor\": \"Dover Fueling Solutions\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.5.1\"}, {\"status\": \"affected\", \"version\": \"2.5.2\"}, {\"status\": \"affected\", \"version\": \"2.5.3\"}, {\"status\": \"affected\", \"version\": \"2.6.1\"}, {\"status\": \"affected\", \"version\": \"2.11\"}, {\"status\": \"affected\", \"version\": \"3.0\"}, {\"status\": \"affected\", \"version\": \"3.2\"}, {\"status\": \"affected\", \"version\": \"3.3\"}]}], \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Soufian El Yadmani of Darktrace / CSIRT.global reported these vulnerabilities\"}], \"datePublic\": \"2023-09-07T18:38:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 \\n\\n\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003ecould allow a guest user to elevate to admin privileges\u003c/span\u003e.\"}], \"value\": \"Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 \\n\\ncould allow a guest user to elevate to admin privileges.\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"version\": \"3.1\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-305\", \"description\": \"CWE-305: Authentication Bypass by Primary Weakness\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"shortName\": \"icscert\", \"dateUpdated\": \"2024-10-24T16:31:42.756Z\"}, \"references\": [{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01\"}], \"solutions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"In 2023, Dover Fueling Solutions announced end-of-life for MAGLINK LX 3 and released MAGLINK LX 4. However, MAGLINK LX 3 version 3.4.2.2.6 and MAGLINK LX 4 fixes these vulnerabilities.\u003cbr\u003e\"}], \"value\": \"In 2023, Dover Fueling Solutions announced end-of-life for MAGLINK LX 3 and released MAGLINK LX 4. However, MAGLINK LX 3 version 3.4.2.2.6 and MAGLINK LX 4 fixes these vulnerabilities.\"}], \"source\": {\"discovery\": \"EXTERNAL\"}, \"title\": \"Dover Fueling Solutions MAGLINK LX Web Console Authentication Bypass by Primary Weakness\", \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T16:45:57.209Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01\", \"tags\": [\"x_transferred\"]}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-36497\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-16T21:20:25.054838Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-16T21:20:26.346Z\"}}]}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-36497\", \"assignerOrgId\": \"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"icscert\", \"dateReserved\": \"2023-09-01T20:57:37.407Z\", \"datePublished\": \"2023-09-11T19:36:26.795Z\", \"dateUpdated\": \"2025-01-16T21:29:58.801Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.