VDB-241027 · CVE-2023-5326 · GCVE-100-241027

SATO CL4NX-J Plus 1.13.2-u455_r2 WebConfig ଦୁର୍ବଳ ପ୍ରାମାଣିକରଣ

Rakkoon nageenyaa kan ଜଟିଳ jedhamuun beekamu SATO CL4NX-J Plus 1.13.2-u455_r2 keessatti argameera. Miidhaan irra gahe is hojii hin beekamne kutaa WebConfig keessa. Dhugumatti jijjiirraa gara ଦୁର୍ବଳ ପ୍ରାମାଣିକରଣ geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-287 si geessa. Beekumsi kun yeroo 10/01/2023 ifoomsifameera. Odeeffannoon kun buufachuuf github.com irratti dhiyaateera. Dogoggorri kun maqaa CVE-2023-5326 jedhuun tajaajilama. Weerara kana milkeessuuf, qunnamtii networkii naannoo barbaachisa. Odeeffannoon teeknikaa hin jiru. Akka dabalataan, meeshaa balaa kana fayyadamuuf argama. Qorannoo miidhaa (exploit) beeksifamee jira, namoonni itti fayyadamuu danda'u. Yeroo ammaa, gatii exploit might be approx. USD $0-$5k beekamuu danda'a. ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee murtaa’eera. Exploit kana github.com irraa buufachuu ni dandeessa. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $0-$5k jedhamee tilmaamame. Firewall ugguramaa hojiirra oolchuu akka ta'e ni gorfama. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

3 ଆଡାପ୍ଟେସନ୍ · 71 ପଏଣ୍ଟ

ଫିଲ୍ଡ	ସୃଷ୍ଟି ହୋଇଛି 10/01/2023 02:15 PM	ଅଦ୍ୟତନ 1/2 10/23/2023 08:12 AM	ଅଦ୍ୟତନ 2/2 10/23/2023 08:14 AM
software_vendor	SATO	SATO	SATO
software_name	CL4NX-J Plus	CL4NX-J Plus	CL4NX-J Plus
software_version	1.13.2-u455_r2	1.13.2-u455_r2	1.13.2-u455_r2
software_component	WebConfig	WebConfig	WebConfig
vulnerability_cwe	CWE-287 (ଦୁର୍ବଳ ପ୍ରାମାଣିକରଣ)	CWE-287 (ଦୁର୍ବଳ ପ୍ରାମାଣିକରଣ)	CWE-287 (ଦୁର୍ବଳ ପ୍ରାମାଣିକରଣ)
vulnerability_risk	2	2	2
cvss3_vuldb_av	A	A	A
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_vuldb_e	P	P	P
cvss3_vuldb_rl	W	W	W
cvss3_vuldb_rc	R	R	R
advisory_url	https://github.com/CV3TR4CK/CV3Cyb3R/blob/main/2023/SATO%20CL4NX-J%20Plus/README.md	https://github.com/CV3TR4CK/CV3Cyb3R/blob/main/2023/SATO%20CL4NX-J%20Plus/README.md	https://github.com/CV3TR4CK/CV3Cyb3R/blob/main/2023/SATO%20CL4NX-J%20Plus/README.md
exploit_availability	1	1	1
exploit_publicity	1	1	1
exploit_url	https://github.com/CV3TR4CK/CV3Cyb3R/blob/main/2023/SATO%20CL4NX-J%20Plus/README.md	https://github.com/CV3TR4CK/CV3Cyb3R/blob/main/2023/SATO%20CL4NX-J%20Plus/README.md	https://github.com/CV3TR4CK/CV3Cyb3R/blob/main/2023/SATO%20CL4NX-J%20Plus/README.md
countermeasure_name	Firewall	Firewall	Firewall
source_cve	CVE-2023-5326	CVE-2023-5326	CVE-2023-5326
cna_responsible	VulDB	VulDB	VulDB
advisory_date	1696111200 (10/01/2023)	1696111200 (10/01/2023)	1696111200 (10/01/2023)
cvss2_vuldb_av	A	A	A
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_e	POC	POC	POC
cvss2_vuldb_rc	UR	UR	UR
cvss2_vuldb_rl	W	W	W
cvss2_vuldb_basescore	5.8	5.8	5.8
cvss2_vuldb_tempscore	4.7	4.7	4.7
cvss3_vuldb_basescore	6.3	6.3	6.3
cvss3_vuldb_tempscore	5.6	5.6	5.6
cvss3_meta_basescore	6.3	6.3	7.1
cvss3_meta_tempscore	5.6	5.6	6.9
price_0day	$0-$5k	$0-$5k	$0-$5k
cve_assigned		1696111200 (10/01/2023)	1696111200 (10/01/2023)
cve_nvd_summary		A vulnerability was found in SATO CL4NX-J Plus 1.13.2-u455_r2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component WebConfig. The manipulation leads to improper authentication. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241027.	A vulnerability was found in SATO CL4NX-J Plus 1.13.2-u455_r2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component WebConfig. The manipulation leads to improper authentication. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241027.
cvss3_nvd_i			H
cvss3_nvd_a			H
cvss2_nvd_av			A
cvss2_nvd_ac			L
cvss2_nvd_au			N
cvss2_nvd_ci			P
cvss2_nvd_ii			P
cvss2_nvd_ai			P
cvss3_cna_av			A
cvss3_cna_ac			L
cvss3_cna_pr			N
cvss3_cna_ui			N
cvss3_cna_s			U
cvss3_cna_c			L
cvss3_cna_i			L
cvss3_cna_a			L
cve_cna			VulDB
cvss2_nvd_basescore			5.8
cvss3_nvd_basescore			8.8
cvss3_cna_basescore			6.3
cvss3_nvd_av			A
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			H

◂ ପଛକୁ ସମୀକ୍ଷା ଆହୁରି ଦୂରରେ ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!