2023-08-17 16:00:36 +00:00
{
"id" : "CVE-2023-34412" ,
"sourceIdentifier" : "info@cert.vde.com" ,
"published" : "2023-08-17T14:15:09.700" ,
2024-02-29 03:01:19 +00:00
"lastModified" : "2024-02-29T01:39:49.957" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-08-17 16:00:36 +00:00
"descriptions" : [
{
"lang" : "en" ,
2024-02-29 03:01:19 +00:00
"value" : "A vulnerability in Red Lion Europe mbNET/mbNET.rokey and Helmholz REX 200 and REX 250 devices with firmware lower 7.3.2 allows an\nauthenticated remote attacker with high privileges to inject malicious HTML or JavaScript code (XSS)."
2023-08-17 16:00:36 +00:00
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
2024-02-29 03:01:19 +00:00
"source" : "info@cert.vde.com" ,
2023-08-17 16:00:36 +00:00
"type" : "Primary" ,
2023-08-23 22:00:29 +00:00
"cvssData" : {
"version" : "3.1" ,
2024-02-29 03:01:19 +00:00
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N" ,
2023-08-23 22:00:29 +00:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
2024-02-29 03:01:19 +00:00
"privilegesRequired" : "HIGH" ,
2023-08-23 22:00:29 +00:00
"userInteraction" : "REQUIRED" ,
"scope" : "CHANGED" ,
"confidentialityImpact" : "LOW" ,
"integrityImpact" : "LOW" ,
"availabilityImpact" : "NONE" ,
2024-02-29 03:01:19 +00:00
"baseScore" : 4.8 ,
2023-08-23 22:00:29 +00:00
"baseSeverity" : "MEDIUM"
} ,
2024-02-29 03:01:19 +00:00
"exploitabilityScore" : 1.7 ,
2023-08-23 22:00:29 +00:00
"impactScore" : 2.7
} ,
{
2024-02-29 03:01:19 +00:00
"source" : "nvd@nist.gov" ,
2023-08-23 22:00:29 +00:00
"type" : "Secondary" ,
2023-08-17 16:00:36 +00:00
"cvssData" : {
"version" : "3.1" ,
2024-02-29 03:01:19 +00:00
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" ,
2023-08-17 16:00:36 +00:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
2024-02-29 03:01:19 +00:00
"privilegesRequired" : "LOW" ,
2023-08-17 16:00:36 +00:00
"userInteraction" : "REQUIRED" ,
"scope" : "CHANGED" ,
2024-02-29 03:01:19 +00:00
"confidentialityImpact" : "LOW" ,
"integrityImpact" : "LOW" ,
"availabilityImpact" : "NONE" ,
"baseScore" : 5.4 ,
"baseSeverity" : "MEDIUM"
2023-08-17 16:00:36 +00:00
} ,
2024-02-29 03:01:19 +00:00
"exploitabilityScore" : 2.3 ,
"impactScore" : 2.7
2023-08-17 16:00:36 +00:00
}
]
} ,
"weaknesses" : [
{
"source" : "info@cert.vde.com" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-79"
}
]
}
] ,
2023-08-23 22:00:29 +00:00
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:helmholz:rex_250_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "18903E70-B902-4182-B41D-666EB8C3B61C"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:helmholz:rex_250:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "53454815-3E7A-4097-8FC7-2F7634DAF7E1"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:helmholz:rex_200_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "66925474-A4F6-4D7C-8163-290761406352"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:helmholz:rex_200:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "28B3785D-8EFF-4A67-88F1-8F9D0EC39D6C"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet.rokey_rkh_210_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "498A9C6F-FCEE-44F9-AC64-8C070E9E31A4"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet.rokey_rkh_210:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1DBA39B6-4D76-44ED-847F-10B2BA96EB0F"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet.rokey_rkh_216_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "C2FEA63F-166C-4D08-8F49-8F1962CB97E2"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet.rokey_rkh_216:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9F530332-3BFB-43D3-AD5F-0B4410543BEA"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet.rokey_rkh_235_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "35085939-39A2-482B-802F-77313F1CA63D"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet.rokey_rkh_235:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "873AEDC5-A8B6-4B76-8A43-A3C6241ABE09"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet.rokey_rkh_259_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "7EF81568-103C-408A-A575-33588BF5903B"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet.rokey_rkh_259:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "031FFFE6-9C5F-47D9-8264-CC7C2D256941"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet_mdh_811_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "EBE73666-D739-4C07-B7B4-31BBC0608C74"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet_mdh_811:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "30C680F1-60C6-43BF-BE62-D9D49A609734"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet_mdh_850_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "12FBFD60-81BC-4B25-8AC5-E041E57A870E"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet_mdh_850:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C293C0F8-EF07-4F19-A7B6-CE5EC170E042"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet_mdh_871_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "68D51AD3-E614-45C3-8163-9547DCD41FEB"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet_mdh_871:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B4347DC3-2035-4328-91CE-3ABA912A3B7D"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet_mdh_831_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "C06DD90C-4E6D-4836-99CA-16A0F0AAE6E1"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet_mdh_831:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A275C2A8-D5B6-4B32-9080-5E41B51B4487"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet_mdh_855_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "D1997B14-061F-47D6-8FF0-266D316211CB"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet_mdh_855:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "055F9937-565E-4103-9E2A-0BB274B1D770"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet_mdh_876_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "A72C9074-B9A0-4DF9-9262-0937C6B2B3FF"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet_mdh_876:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E152B4F0-44A1-45FD-A541-0E039479DC00"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet_mdh_858_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "745A8264-D4A7-4431-83E0-63FA59A8E575"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet_mdh_858:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0002E5EA-F173-4861-95D9-6996A51F08A0"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet_mdh_816_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "CD074843-119D-4738-8F52-D43B825AA472"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet_mdh_816:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B61FB21C-AD6B-4BF8-A303-8C0122276B7A"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet_mdh_841_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "EAEF7742-A151-4139-A664-DE482CC1B830"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet_mdh_841:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B1C27B28-A5ED-4C25-B0B9-14D1E89A414B"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet_mdh_859_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "3AC171EC-9196-4DFA-A07F-C4DC8D1037DD"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet_mdh_859:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "35427F3B-13D9-42E4-8547-0DC3A2B03662"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redlion:mbnet_mdh_835_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "7.3.2" ,
"matchCriteriaId" : "967284B7-89DE-41E7-AD1F-61F0F3530944"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:redlion:mbnet_mdh_835:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "53DA2CB3-9C62-4CE1-8DB8-2E7378D162E4"
}
]
}
]
}
] ,
2023-08-17 16:00:36 +00:00
"references" : [
{
"url" : "https://cert.vde.com/en/advisories/VDE-2023-012/" ,
2023-08-23 22:00:29 +00:00
"source" : "info@cert.vde.com" ,
"tags" : [
"Third Party Advisory"
]
2023-08-17 16:00:36 +00:00
} ,
{
"url" : "https://cert.vde.com/en/advisories/VDE-2023-029/" ,
2023-08-23 22:00:29 +00:00
"source" : "info@cert.vde.com" ,
"tags" : [
"Third Party Advisory"
]
2023-08-17 16:00:36 +00:00
}
]
}
