HIGH🇬🇧 English

CVE-2023-0451

CVSS 7.5v3.1pub. 2023-01-26upd. 2024-11-21

Econolite EOS versions prior to 3.2.23 lack a password requirement for gaining “READONLY” access to log files and certain database and configuration files. One such file contains tables with MD5 hashes and usernames for all defined users in the control software, including administrators and technicians.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Econolite Eos

    APP
    Econolite
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-0452CRITICAL9.8ten sam produkt

Econolite EOS versions prior to 3.2.23 use a weak hash algorithm for encrypting privileged user credentials. A...

CVE-2023-0451 — HIGH 7.5 | CVEbaza.pl