Lucene search
IcscertCVELIST:CVE-2023-0344HistoryMar 31, 2023 - 3:43 p.m.
CVE-2023-0344 CVE-2023-0344
2023-03-3115:43:23
icscert
www.cve.org
2
akuvox e11
custom dropbear ssh
insecure option
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9.3 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
28.0%
Akuvox E11 appears to be using a custom version of dropbear SSH server. This server allows an insecure option that by default is not in the official dropbear SSH server.
CNA Affected
[
{
"vendor": "Akuvox",
"product": "E11",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
]Related
cve
cve
CVE-2023-0344
2023-03-31 16:15:07
prion
prion
Default configuration
2023-03-31 16:15:00
nvd
nvd
CVE-2023-0344
2023-03-31 16:15:07
thn
thn
Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom
2023-03-13 07:36:00
ics
ics
Akuvox E11
2023-03-09 12:00:00
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
9.3 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
28.0%
Related for CVELIST:CVE-2023-0344