VDE-2023-002

Vulnerability from csaf_mbconnectlinegmbh - Published: 2023-05-15 14:06 - Updated: 2025-05-14 13:00
Summary
MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24
Notes
Summary: Two vulnerabilities have been discovered in mbCONNECT24 and mymbCONNECT24 in all versions up to and including 2.13.3.
Impact: CVE-2023-0985 (CVSS 3.1 base score 8.8, High) lets an authenticated user with low privileges change the password of any user in the same account, including the admin user, and thereby fully compromise that account. CVE-2023-1779 (CVSS 3.1 base score 4.3, Medium) lets an authenticated user with low privileges view a limited amount of another account's contact information. Please consult the CVE entries for details.
Mitigation: For CVE-2023-0985: If MFA is enabled for the admin user, an attacker can still overwrite that user's password, but cannot complete a login because the second factor is still required. This is a stop-gap only: it protects just the users that have MFA enabled (any user without MFA in the same account can still be taken over), it does not prevent the password from being changed, and it does not fix the underlying authorization flaw. Update to 2.13.4 as soon as possible.
Remediation: Update to version 2.13.4, which fixes both vulnerabilities.
CWE-639 - Authorization Bypass Through User-Controlled Key
Mitigation If MFA is enabled for the admin user, an attacker can still overwrite that user's password, but cannot complete a login because the second factor is still required. Only users with MFA enabled are protected; users without MFA in the same account remain exposed, so treat this as a stop-gap until 2.13.4 is installed.
Vendor Fix Update to latest Version: 2.13.4
CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Vendor Fix Update to latest Version: 2.13.4
Acknowledgments
Helmholz GmbH & Co. KG www.helmholz.de
Hussein Alsharafi

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERTVDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      },
      {
        "organization": "Helmholz GmbH \u0026 Co. KG",
        "summary": "reporting",
        "urls": [
          "https://www.helmholz.de"
        ]
      },
      {
        "names": [
          "Hussein Alsharafi"
        ],
        "summary": "reporting"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "Two vulnerabilities have been discovered in mbCONNECT24 and mymbCONNECT24 in all versions up to and including 2.13.3.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "CVE-2023-0985 (CVSS 3.1 base score 8.8): an authenticated user with low privileges can change the password of any user in the same account, including the admin user, and thereby fully compromise that account. CVE-2023-1779 (CVSS 3.1 base score 4.3): an authenticated user with low privileges can view a limited amount of another account\u0027s contact information. Please consult the CVE entries for details.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "For CVE-2023-0985: If MFA is enabled for the admin user, an attacker can still overwrite that user\u0027s password, but cannot complete a login because the second factor is still required. This only protects users with MFA enabled and does not fix the underlying authorization flaw; update to 2.13.4.",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "Update to latest Version: 2.13.4",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "security-team@mbconnectline.de",
      "name": "MB connect line GmbH",
      "namespace": "https://mbconnectline.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "vde-2023-002: MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24 - HTML",
        "url": "https://certvde.com/de/advisories/vde-2023-002/"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for MB connect line GmbH",
        "url": "https://certvde.com/en/advisories/vendor/mbconnectline/"
      },
      {
        "category": "self",
        "summary": "vde-2023-002: MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24 - CSAF",
        "url": "https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2023/vde-2023-002.json"
      }
    ],
    "title": "MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24",
    "tracking": {
      "aliases": [
        "VDE-2023-002"
      ],
      "current_release_date": "2025-05-14T13:00:14.000Z",
      "generator": {
        "date": "2025-04-16T10:14:24.527Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.23"
        }
      },
      "id": "vde-2023-002",
      "initial_release_date": "2023-05-15T14:06:00.000Z",
      "revision_history": [
        {
          "date": "2023-05-15T14:06:00.000Z",
          "number": "1",
          "summary": "initial revision"
        },
        {
          "date": "2025-05-14T13:00:14.000Z",
          "number": "2",
          "summary": "Fix: added distribution"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "mbCONNECT24",
                "product": {
                  "name": "mbCONNECT24",
                  "product_id": "CSAFPID-11001"
                }
              },
              {
                "category": "product_name",
                "name": "mymbCONNECT24",
                "product": {
                  "name": "mymbCONNECT24",
                  "product_id": "CSAFPID-11002"
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=2.13.3",
                "product": {
                  "name": "Firmware \u003c=2.13.3",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "category": "product_version",
                "name": "2.13.4",
                "product": {
                  "name": "Firmware 2.13.4",
                  "product_id": "CSAFPID-22001"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "MB connect line GmbH"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-31001",
          "CSAFPID-31002"
        ],
        "summary": "affected products"
      },
      {
        "group_id": "CSAFGID-0002",
        "product_ids": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "summary": "fixed products"
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=2.13.3 installed on mbCONNECT24",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 2.13.4 installed on mbCONNECT24",
          "product_id": "CSAFPID-32001"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c=2.13.3 installed on mymbCONNECT24",
          "product_id": "CSAFPID-31002"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11002"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 2.13.4 installed on mymbCONNECT24",
          "product_id": "CSAFPID-32002"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11002"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-0985",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An Authorization Bypass vulnerability was found in MB Connect Line\u0027s mbCONNECT24, mymbCONNECT24 and Helmholz\u0027 myREX24 and myREX24.virtual version \u003c= 2.13.3. An authenticated remote user with low privileges can change the password of any user in the same account. This allows the attacker to take over the admin user and therefore fully compromise the account."
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "If MFA is enabled for the admin user, an attacker can still overwrite that user\u0027s password, but cannot complete a login because the second factor is still required. Only users with MFA enabled are protected; users without MFA in the same account remain exposed, so treat this as a stop-gap until 2.13.4 is installed.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Update to latest Version: 2.13.4",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.8,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 8.8,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002"
          ]
        }
      ],
      "title": "CVE-2023-0985"
    },
    {
      "cve": "CVE-2023-1779",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Exposure of Sensitive Information to an unauthorized actor vulnerability in MB Connect Line\u0027s mbCONNECT24, mymbCONNECT24 and Helmholz\u0027 myREX24 and myREX24.virtual in versions \u003c=2.13.3 allows an authorized remote attacker with low privileges to view a limited amount of another account\u0027s contact information."
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001",
          "CSAFPID-32002"
        ],
        "known_affected": [
          "CSAFPID-31001",
          "CSAFPID-31002"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Update to latest Version: 2.13.4",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalScore": 4.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 4.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001",
            "CSAFPID-31002"
          ]
        }
      ],
      "title": "CVE-2023-1779"
    }
  ]
}

