Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP pages only validate when a valid connection is established with the database. However, these PHP pages do not verify the validity of a user. Attackers could leverage this lack of verification to read the state of outlets.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-263-03 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2022-12-21T22:29:36.679Z
Updated: 2024-08-03T01:00:10.778Z
Reserved: 2022-09-12T20:22:59.954Z
Link: CVE-2022-3187
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-12-21T23:15:09.787
Modified: 2024-11-21T07:19:00.227
Link: CVE-2022-3187
Redhat
No data.