Lucene search

[email protected]NVD:CVE-2023-43609

HistoryFeb 09, 2024 - 4:15 a.m.

CVE-2023-43609

2024-02-0904:15:07

CWE-285

[email protected]

web.nvd.nist.gov

emerson rosemount products

unauthenticated access

sensitive information

denial of service

network access

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.4%

JSON

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could obtain access to sensitive information or cause a denial-of-service condition.

Affected configurations

NVD

Node

emersongc370xaMatch-

AND

emersongc370xa_firmwareMatch4.1.5

Node

emersongc700xaMatch-

AND

emersongc700xa_firmwareMatch4.1.5

Node

emersongc1500xaMatch-

AND

emersongc1500xa_firmwareMatch4.1.5

References

www.cisa.gov/news-events/ics-advisories/icsa-24-030-01

www.emerson.com/documents/automation/security-notification-emerson-gas-chromatographs-cyber-security-notification-icsa-24-030-01-en-10103910.pdf

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.4%

JSON

Related for NVD:CVE-2023-43609

prion1 cvelist1 cve1 thn1 ics1