admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-30 18:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2023/4xxx/CVE-2023-4834.json
CVE Team e7b6306ca3
"-Synchronized-Data."
2023-10-16 09:00:39 +00:00

140 lines
5.1 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-4834",
"ASSIGNER": "info@cert.vde.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Red Lion Europe\u00a0mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an\u00a0improperly implemented access validation allows an authenticated, low privileged\u00a0attacker to gain read access to limited, non-critical device information in his account he should not have access to.\n\n\n\n\t\t\t\t\t\n\n\n\t\t\t\t\n\n\n\t\t\t\n\n\n\t\t\n\n\n\t\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management",
"cweId": "CWE-269"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Lion Europe",
"product": {
"product_data": [
{
"product_name": "mbCONNECT24",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "2.14.2"
}
]
}
},
{
"product_name": "mymbCONNECT24",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "2.14.2"
}
]
}
}
]
}
},
{
"vendor_name": "Helmholz",
"product": {
"product_data": [
{
"product_name": "myREX24",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "2.14.2"
}
]
}
},
{
"product_name": "myREX24.virtual",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "2.14.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-041",
"refsource": "MISC",
"name": "https://cert.vde.com/en/advisories/VDE-2023-041"
},
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-043",
"refsource": "MISC",
"name": "https://cert.vde.com/en/advisories/VDE-2023-043"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"defect": [
"CERT@VDE#64587"
],
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink