admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-366xx/CVE-2023-36611.json
cad-safe-bot 4c46253886 Auto-Update: 2023-07-07T22:00:28.479249+00:00
2023-07-07 22:00:32 +00:00

222 lines
6.0 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-36611",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-07-03T21:15:10.037",
"lastModified": "2023-07-07T21:40:07.380",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nThe affected TBox RTUs allow low privilege users to access software security tokens of higher privilege. This could allow an attacker with \u201cuser\u201d privileges to access files requiring higher privileges by establishing an SSH session and providing the other tokens.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ovarro:tbox_ms-cpu32_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.50.598",
"matchCriteriaId": "72CE5CAF-635F-4B1E-9440-3F745BA4A8BC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ovarro:tbox_ms-cpu32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0746C27E-6100-430A-8005-F71C8D24E827"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ovarro:tbox_ms-cpu32-s2_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.50.598",
"matchCriteriaId": "EC6FAD9F-D3BE-4E69-A2EE-D08494FC5866"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ovarro:tbox_ms-cpu32-s2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1753583A-93AC-4DBE-8E2C-A4816B8D1D11"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ovarro:tbox_lt2_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.50.598",
"matchCriteriaId": "659B7A35-F886-44E9-9E1B-550B50F3C0F5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ovarro:tbox_lt2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AACB5343-6982-4BC9-8173-E62160DF4595"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ovarro:tbox_tg2_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.50.598",
"matchCriteriaId": "54A1620A-B664-4D8F-A34F-B6E07CC5BE33"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ovarro:tbox_tg2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551340E5-D721-40F1-8D14-CBF87A68BFB3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ovarro:tbox_rm2_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.50.598",
"matchCriteriaId": "DD6F3E7D-E5E9-44E1-B066-5D6382C30D2E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ovarro:tbox_rm2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F73C576F-9BAB-4C8E-9B47-9C930B67C910"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-03",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Mitigation",
"Third Party Advisory",
"US Government Resource"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink