CRITICAL🇬🇧 English

CVE-2023-1968

CVSS 10.0v3.1pub. 2023-04-28upd. 2024-11-21

Instruments with Illumina Universal Copy Service v2.x are vulnerable due to binding to an unrestricted IP address. An unauthenticated malicious actor could use UCS to listen on all IP addresses, including those capable of accepting remote communications.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Illumina Iscan

    HW
    Illumina
    wszystkie wersje
  • Illumina Iscan Firmware

    OS
    Illumina
    4.0.04.0.5
  • Illumina Iseq 100

    HW
    Illumina
    wszystkie wersje
  • Illumina Iseq 100 Firmware

    OS
    Illumina
    wszystkie wersje
  • Illumina Miniseq

    HW
    Illumina
    wszystkie wersje
  • Illumina Miniseq Firmware

    OS
    Illumina
    ≥ 2.0
  • Illumina Miseq

    HW
    Illumina
    wszystkie wersje
  • Illumina Miseqdx

    HW
    Illumina
    wszystkie wersje
  • Illumina Miseqdx Firmware

    OS
    Illumina
    4.0≥ 4.0.1
  • Illumina Miseq Firmware

    OS
    Illumina
    ≥ 4.0
  • Illumina Nextseq 1000

    HW
    Illumina
    wszystkie wersje
  • Illumina Nextseq 1000 Firmware

    OS
    Illumina
    1.4.1
  • Illumina Nextseq 2000

    HW
    Illumina
    wszystkie wersje
  • Illumina Nextseq 2000 Firmware

    OS
    Illumina
    1.4.1
  • Illumina Nextseq 500

    HW
    Illumina
    wszystkie wersje
  • Illumina Nextseq 500 Firmware

    OS
    Illumina
    4.0
  • Illumina Nextseq 550

    HW
    Illumina
    wszystkie wersje
  • Illumina Nextseq 550dx

    HW
    Illumina
    wszystkie wersje
  • Illumina Nextseq 550dx Firmware

    OS
    Illumina
    4.01.0.0 – 1.3.1≥ 1.3.3
  • Illumina Nextseq 550 Firmware

    OS
    Illumina
    4.0
  • Illumina Novaseq 6000

    HW
    Illumina
    wszystkie wersje
  • Illumina Novaseq 6000 Firmware

    OS
    Illumina
    1.8≤ 1.7
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-1517CRITICAL10.0ten sam produkt

LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at t...

CVE-2022-1518CRITICAL10.0ten sam produkt

LRM contains a directory traversal vulnerability that can allow a malicious actor to upload outside the intend...

CVE-2022-1519CRITICAL10.0ten sam produkt

LRM does not restrict the types of files that can be uploaded to the affected product. A malicious actor can u...

CVE-2022-1521CRITICAL9.1ten sam produkt

LRM does not implement authentication or authorization by default. A malicious actor can inject, replay, modif...

CVE-2023-1966HIGH7.4ten sam produkt

Instruments with Illumina Universal Copy Service v1.x and v2.x contain an unnecessary privileges vulnerability...