Lucene search
IcscertCVE-2023-0354HistoryMar 13, 2023 - 9:15 p.m.
CVE-2023-0354
2023-03-1321:15:13
icscert
web.nvd.nist.gov
46
akuvox e11
cve-2023-0354
web server
unauthenticated access
data breach
packet capture
known default urls
nvd
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
9
Confidence
High
EPSS
0.001
Percentile
50.7%
The Akuvox E11 web server can be accessed without any user authentication, and this could allow an attacker to access sensitive information, as well as create and download packet captures with known default URLs.
Affected configurations
Node
akuvoxe11_firmwareMatch-
akuvoxe11Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| akuvox | e11_firmware | - | cpe:2.3:o:akuvox:e11_firmware:-:*:*:*:*:*:*:* |
| akuvox | e11 | - | cpe:2.3:h:akuvox:e11:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Akuvox",
"product": "E11",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
]Related
prion
prion
Authentication flaw
2023-03-13 21:15:00
cvelist
cvelist
CVE-2023-0354 CVE-2023-0354
2023-03-13 20:04:43
nvd
nvd
CVE-2023-0354
2023-03-13 21:15:13
thn
thn
Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom
2023-03-13 07:36:00
ics
ics
Akuvox E11
2023-03-09 12:00:00
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
9
Confidence
High
EPSS
0.001
Percentile
50.7%
Related for CVE-2023-0354