Lucene search

TR-CERTCVE-2023-4669

HistorySep 14, 2023 - 7:16 p.m.

CVE-2023-4669

2023-09-1419:16:51

CWE-302

CWE-287

TR-CERT

web.nvd.nist.gov

cve-2023-4669

authentication bypass

exagate sysguard 3001

vulnerability

nvd

security

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.001

Percentile

43.7%

JSON

Authentication Bypass by Assumed-Immutable Data vulnerability in Exagate SYSGuard 3001 allows Authentication Bypass.This issue affects SYSGuard 3001: before 3.2.20.0.

Affected configurations

Nvd

Node

exagatesysguard_3001_firmwareRange<3.2.20.0

AND

exagatesysguard_3001Match-

VendorProductVersionCPE
exagatesysguard_3001_firmware*cpe:2.3:o:exagate:sysguard_3001_firmware:*:*:*:*:*:*:*:*
exagatesysguard_3001-cpe:2.3:h:exagate:sysguard_3001:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
exagate	sysguard_3001_firmware	*	cpe:2.3:o:exagate:sysguard_3001_firmware::::::::
exagate	sysguard_3001	-	cpe:2.3:h:exagate:sysguard_3001:-:::::::*

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "SYSGuard 3001",
    "vendor": "Exagate",
    "versions": [
      {
        "lessThan": "3.2.20.0",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

www.usom.gov.tr/bildirim/tr-23-0525

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.001

Percentile

43.7%

JSON

Related for CVE-2023-4669