Lucene search
JpcertCVE-2023-46711HistoryDec 26, 2023 - 8:15 a.m.
CVE-2023-46711
2023-12-2608:15:10
CWE-798
jpcert
web.nvd.nist.gov
13
cve-2023-46711
vr-s1000
firmware
cryptographic key
password analysis
nvd
CVSS3
4.6
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
4.8
Confidence
High
EPSS
0.001
Percentile
20.7%
VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an attacker to analyze the password of a specific product user.
Affected configurations
Node
buffalovr-s1000_firmwareRange≤2.37
buffalovr-s1000Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| buffalo | vr-s1000_firmware | * | cpe:2.3:o:buffalo:vr-s1000_firmware:*:*:*:*:*:*:*:* |
| buffalo | vr-s1000 | - | cpe:2.3:h:buffalo:vr-s1000:-:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "BUFFALO INC.",
"product": "VR-S1000",
"versions": [
{
"version": "firmware Ver. 2.37 and earlier",
"status": "affected"
}
]
}
]Related
prion
prion
Hardcoded credentials
2023-12-26 08:15:00
cvelist
cvelist
CVE-2023-46711
2023-12-26 07:29:49
vulnrichment
vulnrichment
CVE-2023-46711
2023-12-26 07:29:49
nvd
nvd
CVE-2023-46711
2023-12-26 08:15:10
jvn
jvn
JVN#23771490: Multiple vulnerabilities in BUFFALO VR-S1000
2023-12-26 00:00:00
CVSS3
4.6
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
4.8
Confidence
High
EPSS
0.001
Percentile
20.7%
Related for CVE-2023-46711