CVE-2023-3243 (GCVE-0-2023-3243)
Vulnerability from cvelistv5 – Published: 2023-06-28 20:23 – Updated: 2024-08-02 06:48 Unsupported When Assigned
VLAI
Summary
** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash
and utilize it to create new sessions. The hash is also a poorly salted MD5
hash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X. Recommended fix: Upgrade to a supported product such
as Alerton
ACM.] Out of an abundance of caution, this CVE ID is being assigned to
better serve our customers and ensure all who are still running this product understand
that the product is end of life and should be removed or upgraded.
Severity
8.3 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Alerton | BCM-WEB |
Affected:
3.3.X , ≤ 3.3.X*
(semver)
|
|
| honeywell | alerton_bcm-web_firmware |
Affected:
-
cpe:2.3:o:honeywell:alerton_bcm-web_firmware:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:honeywell:alerton_bcm-web_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "alerton_bcm-web_firmware",
"vendor": "honeywell",
"versions": [
{
"status": "affected",
"version": "-"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3243",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-29T19:36:19.657479Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:17:36.156Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:48:08.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.honeywell.com/us/en/product-security"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "BCM-WEB",
"vendor": "Alerton",
"versions": [
{
"lessThanOrEqual": "3.3.X*",
"status": "affected",
"version": "3.3.X",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\n\n** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash\nand utilize it to create new sessions. The hash is also a poorly salted MD5\nhash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eRecommended fix: Upgrade to a supported product such\nas \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbuildings.honeywell.com%2Fcontent%2Fdam%2Fhbtbt%2Fen%2Fdocuments%2Fdownloads%2FACM-Data-Sheet.pdf\u0026amp;data=05%7C01%7CAbigail.Palacios%40Honeywell.com%7C1d6c8efd4d004d4c794708db7420781b%7C96ece5269c7d48b08daf8b93c90a5d18%7C0%7C0%7C638231455033412035%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C\u0026amp;sdata=0eiTwALAM%2BDi2WPUs%2F4dVN8eNxZQStfqxMqCRfTYpBM%3D\u0026amp;reserved=0\"\u003eAlerton\nACM\u003c/a\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e.\u003c/span\u003e] Out of an abundance of caution, this CVE ID is being assigned to \nbetter serve our customers and ensure all who are still running this product understand \nthat the product is end of life and should be removed or upgraded.\u0026nbsp;\u003c/p\u003e\n\n\n\n\n\n"
}
],
"value": "\n** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash\nand utilize it to create new sessions. The hash is also a poorly salted MD5\nhash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X.\u00a0Recommended fix: Upgrade to a supported product such\nas Alerton\nACM.] Out of an abundance of caution, this CVE ID is being assigned to \nbetter serve our customers and ensure all who are still running this product understand \nthat the product is end of life and should be removed or upgraded.\u00a0\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326 Inadequate Encryption Strength",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-25T14:09:27.255Z",
"orgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
"shortName": "Honeywell"
},
"references": [
{
"url": "https://www.honeywell.com/us/en/product-security"
}
],
"source": {
"discovery": "UNKNOWN"
},
"tags": [
"unsupported-when-assigned"
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
"assignerShortName": "Honeywell",
"cveId": "CVE-2023-3243",
"datePublished": "2023-06-28T20:23:21.810Z",
"dateReserved": "2023-06-14T13:51:12.389Z",
"dateUpdated": "2024-08-02T06:48:08.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-3243",
"date": "2026-06-02",
"epss": "0.00113",
"percentile": "0.29628"
},
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:honeywell:alerton_bcm-web_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EBA40E5-B39F-4951-B5CC-0FBD2C1AF827\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:honeywell:alerton_bcm-web:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0859F55-5F78-4C5E-B01E-8E84B7D34E45\"}]}]}]",
"cveTags": "[{\"sourceIdentifier\": \"psirt@honeywell.com\", \"tags\": [\"unsupported-when-assigned\"]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"\\n** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash\\nand utilize it to create new sessions. The hash is also a poorly salted MD5\\nhash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X.\\u00a0Recommended fix: Upgrade to a supported product such\\nas Alerton\\nACM.] Out of an abundance of caution, this CVE ID is being assigned to \\nbetter serve our customers and ensure all who are still running this product understand \\nthat the product is end of life and should be removed or upgraded.\\u00a0\\n\\n\"}]",
"id": "CVE-2023-3243",
"lastModified": "2024-11-21T08:16:47.080",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@honeywell.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L\", \"baseScore\": 8.3, \"baseSeverity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.5}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
"published": "2023-06-28T21:15:10.310",
"references": "[{\"url\": \"https://www.honeywell.com/us/en/product-security\", \"source\": \"psirt@honeywell.com\", \"tags\": [\"Not Applicable\"]}, {\"url\": \"https://www.honeywell.com/us/en/product-security\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Not Applicable\"]}]",
"sourceIdentifier": "psirt@honeywell.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"psirt@honeywell.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-290\"}, {\"lang\": \"en\", \"value\": \"CWE-326\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-3243\",\"sourceIdentifier\":\"psirt@honeywell.com\",\"published\":\"2023-06-28T21:15:10.310\",\"lastModified\":\"2024-11-21T08:16:47.080\",\"vulnStatus\":\"Modified\",\"cveTags\":[{\"sourceIdentifier\":\"psirt@honeywell.com\",\"tags\":[\"unsupported-when-assigned\"]}],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\n** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash\\nand utilize it to create new sessions. The hash is also a poorly salted MD5\\nhash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X.\u00a0Recommended fix: Upgrade to a supported product such\\nas Alerton\\nACM.] Out of an abundance of caution, this CVE ID is being assigned to \\nbetter serve our customers and ensure all who are still running this product understand \\nthat the product is end of life and should be removed or upgraded.\u00a0\\n\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@honeywell.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L\",\"baseScore\":8.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":5.5},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@honeywell.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-290\"},{\"lang\":\"en\",\"value\":\"CWE-326\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:honeywell:alerton_bcm-web_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EBA40E5-B39F-4951-B5CC-0FBD2C1AF827\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:honeywell:alerton_bcm-web:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0859F55-5F78-4C5E-B01E-8E84B7D34E45\"}]}]}],\"references\":[{\"url\":\"https://www.honeywell.com/us/en/product-security\",\"source\":\"psirt@honeywell.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://www.honeywell.com/us/en/product-security\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.honeywell.com/us/en/product-security\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T06:48:08.512Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-3243\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-29T19:36:19.657479Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:honeywell:alerton_bcm-web_firmware:-:*:*:*:*:*:*:*\"], \"vendor\": \"honeywell\", \"product\": \"alerton_bcm-web_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"-\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-04-29T19:53:57.765Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"tags\": [\"unsupported-when-assigned\"], \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-233\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-233 Privilege Escalation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.3, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Alerton\", \"product\": \"BCM-WEB\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.3.X\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.3.X*\"}], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://www.honeywell.com/us/en/product-security\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"\\n** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash\\nand utilize it to create new sessions. The hash is also a poorly salted MD5\\nhash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X.\\u00a0Recommended fix: Upgrade to a supported product such\\nas Alerton\\nACM.] Out of an abundance of caution, this CVE ID is being assigned to \\nbetter serve our customers and ensure all who are still running this product understand \\nthat the product is end of life and should be removed or upgraded.\\u00a0\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003e\\n\\n** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash\\nand utilize it to create new sessions. The hash is also a poorly salted MD5\\nhash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X.\u0026nbsp;\u003cspan style=\\\"background-color: var(--wht);\\\"\u003eRecommended fix: Upgrade to a supported product such\\nas \u003c/span\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbuildings.honeywell.com%2Fcontent%2Fdam%2Fhbtbt%2Fen%2Fdocuments%2Fdownloads%2FACM-Data-Sheet.pdf\u0026amp;data=05%7C01%7CAbigail.Palacios%40Honeywell.com%7C1d6c8efd4d004d4c794708db7420781b%7C96ece5269c7d48b08daf8b93c90a5d18%7C0%7C0%7C638231455033412035%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C\u0026amp;sdata=0eiTwALAM%2BDi2WPUs%2F4dVN8eNxZQStfqxMqCRfTYpBM%3D\u0026amp;reserved=0\\\"\u003eAlerton\\nACM\u003c/a\u003e\u003cspan style=\\\"background-color: var(--wht);\\\"\u003e.\u003c/span\u003e] Out of an abundance of caution, this CVE ID is being assigned to \\nbetter serve our customers and ensure all who are still running this product understand \\nthat the product is end of life and should be removed or upgraded.\u0026nbsp;\u003c/p\u003e\\n\\n\\n\\n\\n\\n\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-290\", \"description\": \"CWE-290 Authentication Bypass by Spoofing\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-326\", \"description\": \"CWE-326 Inadequate Encryption Strength\"}]}], \"providerMetadata\": {\"orgId\": \"0dc86260-d7e3-4e81-ba06-3508e030ce8d\", \"shortName\": \"Honeywell\", \"dateUpdated\": \"2024-04-25T14:09:27.255Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-3243\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-02T06:48:08.512Z\", \"dateReserved\": \"2023-06-14T13:51:12.389Z\", \"assignerOrgId\": \"0dc86260-d7e3-4e81-ba06-3508e030ce8d\", \"datePublished\": \"2023-06-28T20:23:21.810Z\", \"assignerShortName\": \"Honeywell\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…