Lucene search

MitreCVE-2023-25409

HistoryApr 11, 2023 - 9:15 p.m.

CVE-2023-25409

2023-04-1121:15:20

CWE-668

mitre

web.nvd.nist.gov

aten

pe8108

2.4.232

cve-2023-25409

vulnerability

incorrect access control

nvd

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

21.0%

JSON

Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users have access to other users outlets.

Affected configurations

Nvd

Node

atenpe8108Match-

AND

atenpe8108_firmwareMatch2.4.232

VendorProductVersionCPE
atenpe8108-cpe:2.3:h:aten:pe8108:-:*:*:*:*:*:*:*
atenpe8108_firmware2.4.232cpe:2.3:o:aten:pe8108_firmware:2.4.232:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
aten	pe8108	-	cpe:2.3:h:aten:pe8108:-:::::::*
aten	pe8108_firmware	2.4.232	cpe:2.3:o:aten:pe8108_firmware:2.4.232:::::::*

References

www.pentagrid.ch/en/blog/multiple-vulnerabilities-in-aten-PE8108-power-distribution-unit

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

21.0%

JSON

Related for CVE-2023-25409