Lucene search
IcscertCVE-2023-0348HistoryMar 13, 2023 - 9:15 p.m.
CVE-2023-0348
2023-03-1321:15:13
icscert
web.nvd.nist.gov
36
akuvox
e11
sip
access control
unauthorized access
cve-2023-0348
nvd
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
7.4
Confidence
High
EPSS
0.001
Percentile
30.7%
Akuvox E11 allows direct SIP calls. No access control is enforced by the SIP servers, which could allow an attacker to contact any device within Akuvox to call any other device.
Affected configurations
Node
akuvoxe11_firmwareMatch-
akuvoxe11Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| akuvox | e11_firmware | - | cpe:2.3:o:akuvox:e11_firmware:-:*:*:*:*:*:*:* |
| akuvox | e11 | - | cpe:2.3:h:akuvox:e11:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Akuvox",
"product": "E11",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
]Related
cvelist
cvelist
CVE-2023-0348 CVE-2023-0348
2023-03-13 20:24:11
prion
prion
Design/Logic Flaw
2023-03-13 21:15:00
nvd
nvd
CVE-2023-0348
2023-03-13 21:15:13
ics
ics
Akuvox E11
2023-03-09 12:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
7.4
Confidence
High
EPSS
0.001
Percentile
30.7%
Related for CVE-2023-0348