Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-2063
HistoryJun 02, 2023 - 5:15 a.m.

CVE-2023-2063

2023-06-0205:15:10
CWE-434
[email protected]
web.nvd.nist.gov
1
mitsubishi electric
ftp
file upload vulnerability
information disclosure
tampering
exploitation

CVSS3

7.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

49.7%

JSON

Unrestricted Upload of File with Dangerous Type vulnerability in FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to cause information disclosure, tampering, deletion or destruction via file upload/download. As a result, the attacker may be able to exploit this for further attacks.

Affected configurations

Nvd
Node
mitsubishielectricfx5-enet\/ip_firmwareMatch-
AND
mitsubishielectricfx5-enet\/ipMatch-
Node
mitsubishielectricsw1dnn-eipct-bd_firmwareMatch-
AND
mitsubishielectricsw1dnn-eipct-bdMatch-
Node
mitsubishielectricrj71eip91_firmwareMatch-
AND
mitsubishielectricrj71eip91Match-
Node
mitsubishielectricsw1dnn-eipctfx5-bd_firmwareMatch-
AND
mitsubishielectricsw1dnn-eipctfx5-bdMatch-
VendorProductVersionCPE
mitsubishielectricfx5-enet\/ip_firmware-cpe:2.3:o:mitsubishielectric:fx5-enet\/ip_firmware:-:*:*:*:*:*:*:*
mitsubishielectricfx5-enet\/ip-cpe:2.3:h:mitsubishielectric:fx5-enet\/ip:-:*:*:*:*:*:*:*
mitsubishielectricsw1dnn-eipct-bd_firmware-cpe:2.3:o:mitsubishielectric:sw1dnn-eipct-bd_firmware:-:*:*:*:*:*:*:*
mitsubishielectricsw1dnn-eipct-bd-cpe:2.3:h:mitsubishielectric:sw1dnn-eipct-bd:-:*:*:*:*:*:*:*
mitsubishielectricrj71eip91_firmware-cpe:2.3:o:mitsubishielectric:rj71eip91_firmware:-:*:*:*:*:*:*:*
mitsubishielectricrj71eip91-cpe:2.3:h:mitsubishielectric:rj71eip91:-:*:*:*:*:*:*:*
mitsubishielectricsw1dnn-eipctfx5-bd_firmware-cpe:2.3:o:mitsubishielectric:sw1dnn-eipctfx5-bd_firmware:-:*:*:*:*:*:*:*
mitsubishielectricsw1dnn-eipctfx5-bd-cpe:2.3:h:mitsubishielectric:sw1dnn-eipctfx5-bd:-:*:*:*:*:*:*:*

Related

cvelist 1
prion 1
cve 1
nessus 1
ics 1
cvelist
cvelist
CVE-2023-2063 Information disclosure, tampering, deletion and destruction vulnerability in MELSEC iQ-R Series / iQ-F Series EtherNet/IP Modules
2023-06-02 04:05:38
prion
prion
Design/Logic Flaw
2023-06-02 05:15:00
cve
cve
CVE-2023-2063
2023-06-02 05:15:10
nessus
nessus
Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series Unrestricted Upload of File with Dangerous Type (CVE-2023-2063)
2023-06-30 00:00:00
ics
ics
Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series (Update A)
2024-04-25 12:00:00

CVSS3

7.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

49.7%

JSON
Related for NVD:CVE-2023-2063
cvelist1prion1cve1nessus1ics1