Common Weakness Enumeration
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Show details on NVD website
Back to CWE stats page
CWE-1188
Initialization of a Resource with an Insecure Default
The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.
CVE-2023-33949 (GCVE-0-2023-33949)
Vulnerability from cvelistv5 – Published: 2023-05-24 16:01 – Updated: 2024-10-22 15:51
VLAI
Summary
In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.2 and earlier the default configuration does not require users to verify their email address, which allows remote attackers to create accounts using fake email addresses or email addresses which they don't control. The portal property `company.security.strangers.verify` should be set to true.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1188 - Insecure Default Initialization of Resource
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://liferay.dev/portal/security/known-vulnera… | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:14.057Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33949"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-33949",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T15:48:38.903885Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T15:51:31.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Portal",
"vendor": "Liferay",
"versions": [
{
"lessThanOrEqual": "7.3.0",
"status": "affected",
"version": "0",
"versionType": "maven"
}
]
},
{
"defaultStatus": "unaffected",
"product": "DXP",
"vendor": "Liferay",
"versions": [
{
"lessThan": "7.3.10",
"status": "affected",
"version": "0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.2 and earlier the default configuration does not require users to verify their email address, which allows remote attackers to create accounts using fake email addresses or email addresses which they don\u0027t control. The portal property `company.security.strangers.verify` should be set to true."
}
],
"value": "In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.2 and earlier the default configuration does not require users to verify their email address, which allows remote attackers to create accounts using fake email addresses or email addresses which they don\u0027t control. The portal property `company.security.strangers.verify` should be set to true."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-24T16:01:55.501Z",
"orgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"shortName": "Liferay"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33949"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "8b54e794-c6f0-462e-9faa-c1001a673ac3",
"assignerShortName": "Liferay",
"cveId": "CVE-2023-33949",
"datePublished": "2023-05-24T16:01:55.501Z",
"dateReserved": "2023-05-24T02:36:00.165Z",
"dateUpdated": "2024-10-22T15:51:31.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3453 (GCVE-0-2023-3453)
Vulnerability from cvelistv5 – Published: 2023-08-23 21:14 – Updated: 2024-09-30 19:13
VLAI
Title
ETIC Telecom Insecure Default Initialization of Resource
Summary
ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition.
Severity
7.1 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1188 - Insecure Default Initialization of Resource
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ETIC Telecom | Remote Access Server (RAS) |
Affected:
0 , ≤ 4.7.0
(custom)
|
Date Public
2023-07-27 19:05
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:55:03.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3453",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T19:09:13.772804Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T19:13:47.408Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Remote Access Server (RAS)",
"vendor": "ETIC Telecom",
"versions": [
{
"lessThanOrEqual": "4.7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Haviv Vaizman of OTORIO"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Hay Mizrachi of OTORIO"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Alik Koldobsky of OTORIO"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Ofir Manzur of OTORIO"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nikolay Sokolik of OTORIO"
}
],
"datePublic": "2023-07-27T19:05:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition.\u003c/span\u003e\n\n"
}
],
"value": "\nETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-23T21:14:17.553Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eETIC Telecom RAS: \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.etictelecom.com/en/softwares-download/\"\u003eversion 4.9.0 or later\u003c/a\u003e"
}
],
"value": "Update to\u00a0ETIC Telecom RAS: version 4.9.0 or later https://www.etictelecom.com/en/softwares-download/ "
}
],
"source": {
"advisory": "ICSA-23-208-01",
"discovery": "EXTERNAL"
},
"title": "ETIC Telecom Insecure Default Initialization of Resource",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eETIC Telecom recommends enabling the authentication mechanism on the administration interface. This can be done on the page \u201c\u0026gt; Setup \u0026gt; Security \u0026gt; Administration right\u201d by creating an administrator on the \u201cList of administrators\u201d table, enabling the parameter \u201cPassword protect the configuration interface,\u201d then setting the parameter \u201cProtocols to use for configuration\u201d to \u201cHTTPs only\u201d.\u003c/p\u003e\u003cp\u003eNOTE: for firmware versions 4.9.0 or later, enabling the administration protection is mandatory after the first product start.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nETIC Telecom recommends enabling the authentication mechanism on the administration interface. This can be done on the page \u201c\u003e Setup \u003e Security \u003e Administration right\u201d by creating an administrator on the \u201cList of administrators\u201d table, enabling the parameter \u201cPassword protect the configuration interface,\u201d then setting the parameter \u201cProtocols to use for configuration\u201d to \u201cHTTPs only\u201d.\n\nNOTE: for firmware versions 4.9.0 or later, enabling the administration protection is mandatory after the first product start.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-3453",
"datePublished": "2023-08-23T21:14:17.553Z",
"dateReserved": "2023-06-28T20:05:19.353Z",
"dateUpdated": "2024-09-30T19:13:47.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3485 (GCVE-0-2023-3485)
Vulnerability from cvelistv5 – Published: 2023-06-30 17:37 – Updated: 2024-10-28 13:05
VLAI
Title
Insecure Default Authorization in Temporal Server
Summary
Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namespace other than the one specified in the request. Creation of this task token must be done outside of the normal Temporal server flow. It requires the namespace UUID and information from the workflow history for the target namespace. Under these conditions, it is possible to interfere with pending tasks in other namespaces, such as marking a task failed or completed.
If a task is targeted for completion by the attacker, the targeted namespace must also be using the same data converter configuration as the initial, valid, namespace for the task completion payload to be decoded by workers in the target namespace.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Temporal Technologies Inc. | Temporal Server |
Affected:
1.9.1 , < 1.20
(semver)
|
Date Public
2023-07-03 15:30
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:55:03.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/temporalio/temporal/releases/tag/v1.20.0"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3485",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T13:04:57.081536Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T13:05:11.946Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/temporalio",
"defaultStatus": "unaffected",
"packageName": "temporal",
"product": "Temporal Server",
"programFiles": [
"https://github.com/temporalio/temporal/blob/master/service/frontend/service.go"
],
"repo": "https://github.com/temporalio/temporal",
"vendor": "Temporal Technologies Inc.",
"versions": [
{
"lessThan": "1.20",
"status": "affected",
"version": "1.9.1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jacob LeGrone"
}
],
"datePublic": "2023-07-03T15:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namespace other than the one specified in the request. Creation of this task token must be done outside of the normal Temporal server flow. It requires the namespace UUID and information from the workflow history for the target namespace. Under these conditions, it is possible to interfere with pending tasks in other namespaces, such as marking a task failed or completed.\u003cbr\u003eIf a task is targeted for completion by the attacker, the targeted namespace must also be using the same data converter configuration as the initial, valid, namespace for the task completion payload to be decoded by workers in the target namespace.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namespace other than the one specified in the request. Creation of this task token must be done outside of the normal Temporal server flow. It requires the namespace UUID and information from the workflow history for the target namespace. Under these conditions, it is possible to interfere with pending tasks in other namespaces, such as marking a task failed or completed.\nIf a task is targeted for completion by the attacker, the targeted namespace must also be using the same data converter configuration as the initial, valid, namespace for the task completion payload to be decoded by workers in the target namespace.\n\n\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-114",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-114 Authentication Abuse Authentication Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization3 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-30T17:38:22.233Z",
"orgId": "61241ed8-fa44-4f23-92db-b8c443751968",
"shortName": "Temporal"
},
"references": [
{
"url": "https://github.com/temporalio/temporal/releases/tag/v1.20.0"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eSet \u0026nbsp;\u003c/span\u003e\u003ccode\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/temporalio/temporal/pull/3798\"\u003efrontend.enableTokenNamespaceEnforcement\u003c/a\u003e\u0026nbsp;\u003c/code\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eto \u003c/span\u003e\u003ctt\u003etrue\u003c/tt\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u0026nbsp; \u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eUpgrade to version 1.20 or above, where this is the default\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": " * Set \u00a0 frontend.enableTokenNamespaceEnforcement https://github.com/temporalio/temporal/pull/3798 \u00a0to true\u00a0 \n * Upgrade to version 1.20 or above, where this is the default\n\n\n"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insecure Default Authorization in Temporal Server",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "61241ed8-fa44-4f23-92db-b8c443751968",
"assignerShortName": "Temporal",
"cveId": "CVE-2023-3485",
"datePublished": "2023-06-30T17:37:57.772Z",
"dateReserved": "2023-06-30T17:29:17.808Z",
"dateUpdated": "2024-10-28T13:05:11.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40708 (GCVE-0-2023-40708)
Vulnerability from cvelistv5 – Published: 2023-08-24 16:08 – Updated: 2024-10-02 20:20
VLAI
Title
Improper Access Control in OPTO 22 SNAP PAC S1
Summary
The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files.
Severity
5.8 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1188 - Insecure Default Initialization of Resource
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| OPTO 22 | SNAP PAC S1 |
Affected:
R10.3b
|
|
| opto22 | snap_pac_s1 |
Affected:
r10.3b
cpe:2.3:h:opto22:snap_pac_s1:-:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:38:51.079Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-236-02"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:opto22:snap_pac_s1:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "snap_pac_s1",
"vendor": "opto22",
"versions": [
{
"status": "affected",
"version": "r10.3b"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40708",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T20:19:28.525178Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T20:20:36.186Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SNAP PAC S1",
"vendor": "OPTO 22",
"versions": [
{
"status": "affected",
"version": "R10.3b"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nicolas Cano"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files."
}
],
"value": "The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T15:39:04.863Z",
"orgId": "12bdf821-1545-4a87-aac5-61670cc6fcef",
"shortName": "Dragos"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-236-02"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Access Control in OPTO 22 SNAP PAC S1",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "12bdf821-1545-4a87-aac5-61670cc6fcef",
"assignerShortName": "Dragos",
"cveId": "CVE-2023-40708",
"datePublished": "2023-08-24T16:08:23.730Z",
"dateReserved": "2023-08-18T19:31:53.417Z",
"dateUpdated": "2024-10-02T20:20:36.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5368 (GCVE-0-2023-5368)
Vulnerability from cvelistv5 – Published: 2023-10-04 03:38 – Updated: 2024-08-02 07:59
VLAI
Title
msdosfs data disclosure
Summary
On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes.
This may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file).
Severity
No CVSS data available.
CWE
- CWE-1188 - Insecure Default Initialization of Resource
Assigner
References
3 references
Impacted products
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:43.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:12.msdosfs.asc"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231124-0004/"
},
{
"tags": [
"x_transferred"
],
"url": "https://dfir.ru/2023/11/01/bringing-unallocated-data-back-the-fat12-16-32-case/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"msdosfs"
],
"product": "FreeBSD",
"vendor": "FreeBSD",
"versions": [
{
"lessThan": "p4",
"status": "affected",
"version": "13.2-RELEASE",
"versionType": "release"
},
{
"lessThan": "p6",
"status": "affected",
"version": "12.4-RELEASE",
"versionType": "release"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Maxim Suhanov"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eOn an msdosfs filesystem, the \u0027truncate\u0027 or \u0027ftruncate\u0027 system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes.\u003c/p\u003e\u003cp\u003eThis may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file).\u003c/p\u003e"
}
],
"value": "On an msdosfs filesystem, the \u0027truncate\u0027 or \u0027ftruncate\u0027 system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes.\n\nThis may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file).\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-29T20:59:57.519Z",
"orgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"shortName": "freebsd"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:12.msdosfs.asc"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231124-0004/"
},
{
"url": "https://dfir.ru/2023/11/01/bringing-unallocated-data-back-the-fat12-16-32-case/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "msdosfs data disclosure",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109",
"assignerShortName": "freebsd",
"cveId": "CVE-2023-5368",
"datePublished": "2023-10-04T03:38:09.357Z",
"dateReserved": "2023-10-03T21:14:20.733Z",
"dateUpdated": "2024-08-02T07:59:43.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-6448 (GCVE-0-2023-6448)
Vulnerability from cvelistv5 – Published: 2023-12-05 17:43 – Updated: 2025-10-21 23:05
VLAI
Title
Unitronics VisiLogic uses a default administrative password
Summary
Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system.
Severity
9.8 (Critical)
SSVC
Exploitation: active
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-1188 - Insecure Default Initialization of Resource
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.cisa.gov/news-events/alerts/2023/11/2… | government-resource |
| https://www.unitronicsplc.com/cyber_security_visi… | |
| https://downloads.unitronicsplc.com/Sites/plc/Vis… | release-notes |
| https://downloads.unitronicsplc.com/Sites/plc/Tec… | vendor-advisory |
| https://www.cisa.gov/known-exploited-vulnerabilit… | government-resource |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unitronics | VisiLogic |
Affected:
0 , < 9.9.00
(custom)
|
|
| unitronics | visilogic |
Affected:
0 , < 9.9.00
(custom)
cpe:2.3:a:unitronics:visilogic:*:*:*:*:*:*:*:* |
Date Public
2023-11-28 05:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:28:21.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"government-resource",
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.unitronicsplc.com/cyber_security_vision-samba/"
},
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://downloads.unitronicsplc.com/Sites/plc/Visilogic/Version_Changes-Bug_Reports/VisiLogic%209.9.00%20Version%20changes.pdf"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://downloads.unitronicsplc.com/Sites/plc/Technical_Library/Unitronics-Cybersecurity-Advisory-2023-001-CVE-2023-6448.pdf"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:unitronics:visilogic:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "visilogic",
"vendor": "unitronics",
"versions": [
{
"lessThan": "9.9.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6448",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-06T14:07:21.216497Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-12-11",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-6448"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:30.290Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-6448"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-12-11T00:00:00.000Z",
"value": "CVE-2023-6448 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "VisiLogic",
"vendor": "Unitronics",
"versions": [
{
"lessThan": "9.9.00",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-11-28T05:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system.\u003cbr\u003e"
}
],
"value": "Unitronics VisiLogic before version 9.9.00, used in Vision and Samba PLCs and HMIs, uses a default administrative password. An unauthenticated attacker with network access can take administrative control of a vulnerable system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-19T16:23:39.022Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems"
},
{
"url": "https://www.unitronicsplc.com/cyber_security_vision-samba/"
},
{
"tags": [
"release-notes"
],
"url": "https://downloads.unitronicsplc.com/Sites/plc/Visilogic/Version_Changes-Bug_Reports/VisiLogic%209.9.00%20Version%20changes.pdf"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://downloads.unitronicsplc.com/Sites/plc/Technical_Library/Unitronics-Cybersecurity-Advisory-2023-001-CVE-2023-6448.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unitronics VisiLogic uses a default administrative password",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2023-6448",
"datePublished": "2023-12-05T17:43:40.451Z",
"dateReserved": "2023-11-30T18:40:51.463Z",
"dateUpdated": "2025-10-21T23:05:30.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0001 (GCVE-0-2024-0001)
Vulnerability from cvelistv5 – Published: 2024-09-23 17:25 – Updated: 2024-09-23 17:57
VLAI
Summary
A condition exists in FlashArray Purity whereby a local account intended for initial array configuration remains active potentially allowing a malicious actor to gain elevated privileges.
Severity
10 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-1188 - Insecure Default Initialization of Resource
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://purestorage.com/security | vendor-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Pure Storage | FlashArray |
Affected:
6.3.0 , ≤ 6.3.14
(custom)
Affected: 6.4.0 , ≤ 6.4.10 (custom) |
|
| purestorage | flasharray |
Affected:
6.3.0 , ≤ 6.3.14
(custom)
cpe:2.3:a:purestorage:flasharray:6.3.0:*:*:*:*:*:*:* |
|
| purestorage | flasharray |
Affected:
6.4.0 , ≤ 6.4.10
(custom)
cpe:2.3:a:purestorage:flasharray:6.4.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:purestorage:flasharray:6.3.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "flasharray",
"vendor": "purestorage",
"versions": [
{
"lessThanOrEqual": "6.3.14",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:purestorage:flasharray:6.4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "flasharray",
"vendor": "purestorage",
"versions": [
{
"lessThanOrEqual": "6.4.10",
"status": "affected",
"version": "6.4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0001",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-23T17:51:47.992533Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T17:57:24.819Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Purity"
],
"product": "FlashArray",
"vendor": "Pure Storage",
"versions": [
{
"lessThanOrEqual": "6.3.14",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "6.4.10",
"status": "affected",
"version": "6.4.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA condition exists in FlashArray Purity whereby a local account intended for initial array configuration remains active potentially allowing a malicious actor to gain elevated privileges.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A condition exists in FlashArray Purity whereby a local account intended for initial array configuration remains active potentially allowing a malicious actor to gain elevated privileges."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-23T17:34:40.076Z",
"orgId": "3895c224-4e1d-482a-adb3-fa64795683ac",
"shortName": "PureStorage"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://purestorage.com/security"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAffected customers will need to apply a self-service patch bundle or upgrade their Purity to an unaffected Purity version.\n\u003cbr\u003e\n\u003cbr\u003eThis issue is resolved in the following\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;FlashArray Purity \u003c/span\u003e releases:\n\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePurity//FA versions 6.3.15 or later\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePurity//FA versions 6.5.1 or later\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ePurity//FA versions 6.6.1 or later.\u0026nbsp;\u003c/span\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e"
}
],
"value": "Affected customers will need to apply a self-service patch bundle or upgrade their Purity to an unaffected Purity version.\n\n\n\nThis issue is resolved in the following\u00a0FlashArray Purity releases:\n\n * Purity//FA versions 6.3.15 or later\u00a0\n * Purity//FA versions 6.5.1 or later\u00a0\n * Purity//FA versions 6.6.1 or later."
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "3895c224-4e1d-482a-adb3-fa64795683ac",
"assignerShortName": "PureStorage",
"cveId": "CVE-2024-0001",
"datePublished": "2024-09-23T17:25:00.509Z",
"dateReserved": "2023-11-01T17:08:46.055Z",
"dateUpdated": "2024-09-23T17:57:24.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0387 (GCVE-0-2024-0387)
Vulnerability from cvelistv5 – Published: 2024-02-26 13:26 – Updated: 2024-10-28 06:15
VLAI
Title
EDS-4000/G4000 Series IP Forwarding Vulnerability
Summary
The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1188 - Insecure Default Initialization of Resource
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.moxa.com/en/support/product-support/s… | vendor-advisory |
Impacted products
7 products
| Vendor | Product | Version | |
|---|---|---|---|
| Moxa | EDS-4008 Series |
Affected:
1.0 , ≤ 3.2
(custom)
|
|
| Moxa | EDS-4009 Series |
Affected:
1.0 , ≤ 3.2
(custom)
|
|
| Moxa | EDS-4012 Series |
Affected:
1.0 , ≤ 3.2
(custom)
|
|
| Moxa | EDS-4014 Series |
Affected:
1.0 , ≤ 3.2
(custom)
|
|
| Moxa | EDS-G4008 Series |
Affected:
1.0 , ≤ 3.2
(custom)
|
|
| Moxa | EDS-G4012 Series |
Affected:
1.0 , ≤ 3.2
(custom)
|
|
| Moxa | EDS-G4014 Series |
Affected:
1.0 , ≤ 3.2
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0387",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-04T21:29:32.295308Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:58:21.711Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:04:49.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-237129-eds-4000-g4000-series-ip-forwarding-vulnerability?viewmode=0"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EDS-4008 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-4009 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-4012 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-4014 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G4008 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G4012 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G4014 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests.\u003c/p\u003e"
}
],
"value": "The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users cannot deactivate. An attacker may be able to send requests to the product and have it forwarded to the target. An attacker can bypass access controls or hide the source of malicious requests."
}
],
"impacts": [
{
"capecId": "CAPEC-465",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-465: Transparent Proxy Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T06:15:50.712Z",
"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"shortName": "Moxa"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-237129-eds-4000-g4000-series-ip-forwarding-vulnerability?viewmode=0"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMoxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below.\u003c/p\u003e\u003cp\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eEDS-4000/G4000 Series: Please contact Moxa Technical Support for the security patch (v3.2.26).\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below.\n\n\n\n * EDS-4000/G4000 Series: Please contact Moxa Technical Support for the security patch (v3.2.26)."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "EDS-4000/G4000 Series IP Forwarding Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"assignerShortName": "Moxa",
"cveId": "CVE-2024-0387",
"datePublished": "2024-02-26T13:26:56.551Z",
"dateReserved": "2024-01-10T00:03:24.382Z",
"dateUpdated": "2024-10-28T06:15:50.712Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22207 (GCVE-0-2024-22207)
Vulnerability from cvelistv5 – Published: 2024-01-15 15:40 – Updated: 2025-06-17 14:34
VLAI
Title
Default swagger-ui configuration exposes all files in the module
Summary
fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of `@fastify/swagger-ui` without `baseDir` set will lead to all files in the module's directory being exposed via http routes served by the module. The vulnerability is fixed in v2.1.0. Setting the `baseDir` option can also work around this vulnerability.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1188 - Insecure Default Initialization of Resource
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/fastify/fastify-swagger-ui/sec… | x_refsource_CONFIRM |
| https://github.com/fastify/fastify-swagger-ui/com… | x_refsource_MISC |
| https://security.netapp.com/advisory/ntap-2024021… |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| fastify | fastify-swagger-ui |
Affected:
< 2.1.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:35:34.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/fastify/fastify-swagger-ui/security/advisories/GHSA-62jr-84gf-wmg4",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/fastify/fastify-swagger-ui/security/advisories/GHSA-62jr-84gf-wmg4"
},
{
"name": "https://github.com/fastify/fastify-swagger-ui/commit/13d799a2c5f14d3dd5b15892e03bbcbae63ee6f7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/fastify/fastify-swagger-ui/commit/13d799a2c5f14d3dd5b15892e03bbcbae63ee6f7"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240216-0002/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22207",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T14:34:31.540245Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T14:34:45.374Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "fastify-swagger-ui",
"vendor": "fastify",
"versions": [
{
"status": "affected",
"version": "\u003c 2.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "fastify-swagger-ui is a Fastify plugin for serving Swagger UI. Prior to 2.1.0, the default configuration of `@fastify/swagger-ui` without `baseDir` set will lead to all files in the module\u0027s directory being exposed via http routes served by the module. The vulnerability is fixed in v2.1.0. Setting the `baseDir` option can also work around this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188: Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-16T13:05:51.826Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/fastify/fastify-swagger-ui/security/advisories/GHSA-62jr-84gf-wmg4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/fastify/fastify-swagger-ui/security/advisories/GHSA-62jr-84gf-wmg4"
},
{
"name": "https://github.com/fastify/fastify-swagger-ui/commit/13d799a2c5f14d3dd5b15892e03bbcbae63ee6f7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/fastify/fastify-swagger-ui/commit/13d799a2c5f14d3dd5b15892e03bbcbae63ee6f7"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240216-0002/"
}
],
"source": {
"advisory": "GHSA-62jr-84gf-wmg4",
"discovery": "UNKNOWN"
},
"title": "Default swagger-ui configuration exposes all files in the module"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-22207",
"datePublished": "2024-01-15T15:40:35.252Z",
"dateReserved": "2024-01-08T04:59:27.373Z",
"dateUpdated": "2025-06-17T14:34:45.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22388 (GCVE-0-2024-22388)
Vulnerability from cvelistv5 – Published: 2024-02-06 23:06 – Updated: 2025-05-07 20:06
VLAI
Title
Insecure Default Initialization of Resource in HID Global
Summary
Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1188 - Insecure Default Initialization of Resource
Assigner
References
2 references
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| HID Global | iCLASS SE CP1000 Encoder |
Affected:
All
|
|
| HID Global | iCLASS SE Readers |
Affected:
All
|
|
| HID Global | iCLASS SE Reader Modules |
Affected:
All
|
|
| HID Global | iCLASS SE Processors |
Affected:
All
|
|
| HID Global | OMNIKEY 5427CK Readers |
Affected:
All
|
|
| HID Global | OMNIKEY 5127CK Readers |
Affected:
All
|
|
| HID Global | OMNIKEY 5023 Readers |
Affected:
All
|
|
| HID Global | OMNIKEY 5027 Readers |
Affected:
All
|
Date Public
2024-02-06 17:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-037-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.hidglobal.com/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22388",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T05:16:03.307503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T20:06:09.019Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "iCLASS SE CP1000 Encoder",
"vendor": "HID Global",
"versions": [
{
"status": "affected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iCLASS SE Readers",
"vendor": "HID Global",
"versions": [
{
"status": "affected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iCLASS SE Reader Modules",
"vendor": "HID Global",
"versions": [
{
"status": "affected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "iCLASS SE Processors",
"vendor": "HID Global",
"versions": [
{
"status": "affected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "OMNIKEY 5427CK Readers",
"vendor": "HID Global",
"versions": [
{
"status": "affected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "OMNIKEY 5127CK Readers",
"vendor": "HID Global",
"versions": [
{
"status": "affected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "OMNIKEY 5023 Readers",
"vendor": "HID Global",
"versions": [
{
"status": "affected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "OMNIKEY 5027 Readers",
"vendor": "HID Global",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "HID Global reported this vulnerability to CISA."
}
],
"datePublic": "2024-02-06T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCertain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys.\u003c/span\u003e"
}
],
"value": "Certain configuration available in the communication channel for encoders could expose sensitive data when reader configuration cards are programmed. This data could include credential and device administration keys."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T18:44:10.399Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-037-01"
},
{
"url": "https://support.hidglobal.com/"
}
],
"source": {
"advisory": "ICSA-24-037-01",
"discovery": "INTERNAL"
},
"title": "Insecure Default Initialization of Resource in HID Global",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eHID advises users to take the following steps to mitigate these threats.\u003c/p\u003e\u003cp\u003eProtect your reader configuration cards.\u003c/p\u003e\u003cul\u003e\u003cli\u003eA malicious encoder or reader must be physically close to the reader configuration cards to communicate with them and extract information. Elite Key and Custom Key users that have kept their configuration cards secure should continue to be vigilant and restrict access to those cards.\u003cbr\u003eHID standard key users and other users who are concerned their keys may be compromised should consider steps to update the readers and credentials with new keys. To assist in this effort, HID will be introducing a free upgrade to the Elite Key program. Contact your HID representative for more information.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eProtect your credentials and disable legacy technologies.\u003c/p\u003e\u003cul\u003e\u003cli\u003eReading the PACS data from a credential is not enough to clone the credential for modern technologies like Seos and DESFire. These technologies use a credential key for authentication. However, if a system\u0027s readers still support legacy technologies (i.e., HID Prox, MiFARE Classic, etc.), then it may be possible to insert the credential information into a legacy technology credential that would be accepted by those readers. Users are encouraged to disable legacy credential technologies in their readers.\u003cbr\u003eFurther, physical credentials should always be kept safe by their users, and site managers should remind their users to be vigilant with their credentials and report missing or stolen cards.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eHarden your iCLASS SE Readers from configuration changes\u003c/p\u003e\u003cul\u003e\u003cli\u003eiCLASS SE Readers using firmware firmware version 8.6.04 or higher can use the HID Reader Manager application to prevent the readers from accepting configuration changes from configuration cards. After this is complete, users may then securely destroy their reader configuration cards.\u003cbr\u003eIf you need assistance, or if the reader firmware has not been updated to 8.6.04 or higher, contact HID Technical Support.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eHarden your HID OMNIKEY Readers, HID iCLASS SE Reader Modules, HID iCLASS SE Processors from configuration changes\u003c/p\u003e\u003cul\u003e\u003cli\u003eContact \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.hidglobal.com/support\"\u003eHID\u003c/a\u003e\u0026nbsp;to receive a \"Shield Card\" that will prevent further configuration changes using reader configuration cards. After this is complete, users may then securely destroy their reader configuration cards.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "HID advises users to take the following steps to mitigate these threats.\n\nProtect your reader configuration cards.\n\n * A malicious encoder or reader must be physically close to the reader configuration cards to communicate with them and extract information. Elite Key and Custom Key users that have kept their configuration cards secure should continue to be vigilant and restrict access to those cards.\nHID standard key users and other users who are concerned their keys may be compromised should consider steps to update the readers and credentials with new keys. To assist in this effort, HID will be introducing a free upgrade to the Elite Key program. Contact your HID representative for more information.\n\n\nProtect your credentials and disable legacy technologies.\n\n * Reading the PACS data from a credential is not enough to clone the credential for modern technologies like Seos and DESFire. These technologies use a credential key for authentication. However, if a system\u0027s readers still support legacy technologies (i.e., HID Prox, MiFARE Classic, etc.), then it may be possible to insert the credential information into a legacy technology credential that would be accepted by those readers. Users are encouraged to disable legacy credential technologies in their readers.\nFurther, physical credentials should always be kept safe by their users, and site managers should remind their users to be vigilant with their credentials and report missing or stolen cards.\n\n\nHarden your iCLASS SE Readers from configuration changes\n\n * iCLASS SE Readers using firmware firmware version 8.6.04 or higher can use the HID Reader Manager application to prevent the readers from accepting configuration changes from configuration cards. After this is complete, users may then securely destroy their reader configuration cards.\nIf you need assistance, or if the reader firmware has not been updated to 8.6.04 or higher, contact HID Technical Support.\n\n\nHarden your HID OMNIKEY Readers, HID iCLASS SE Reader Modules, HID iCLASS SE Processors from configuration changes\n\n * Contact HID https://www.hidglobal.com/support \u00a0to receive a \"Shield Card\" that will prevent further configuration changes using reader configuration cards. After this is complete, users may then securely destroy their reader configuration cards."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-22388",
"datePublished": "2024-02-06T23:06:07.942Z",
"dateReserved": "2024-01-25T17:05:42.446Z",
"dateUpdated": "2025-05-07T20:06:09.019Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
No mitigation information available for this CWE.
CAPEC-665: Exploitation of Thunderbolt Protection Flaws
An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.