2024-12-15 03:03:56 +00:00


{
"id": "CVE-2023-4149",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-11-21T07:15:10.093",
"lastModified": "2024-11-21T08:34:29.230",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management allows an unauthenticated remote attacker to inject arbitrary system commands and gain full system control. Those commands are executed with root privileges. The vulnerability is located in the user request handling of the web-based management."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la administraci\u00f3n basada en web permite a un atacante remoto no autenticado inyectar comandos arbitrarios del sistema y obtener control total del sistema. Esos comandos se ejecutan con privilegios de root. La vulnerabilidad se encuentra en el manejo de solicitudes de usuario de la administraci\u00f3n basada en web."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "info@cert.vde.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "info@cert.vde.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:0852-0602_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.6.s0",
"matchCriteriaId": "1E566DF8-4C11-477B-A3BA-760ED872B25B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:0852-0602:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F7F63C-9E81-496F-ACB9-813588092E70"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:0852-0603_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.6.s0",
"matchCriteriaId": "00934DAB-5B90-42F5-B31C-BCF4563D55D0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:0852-0603:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F4983F7-80F3-499D-AE4C-500EACAE2116"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:0852-1605_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.5.s0",
"matchCriteriaId": "6507316E-3396-4E54-BA71-AA7BDD673D29"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:0852-1605:-:*:*:*:*:*:*:*",
"matchCriteriaId": "946F6CAD-36DF-4D46-96AE-E69C8DFC30F7"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-037",
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-037",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}