{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-31728", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-11-01T19:04:41.139Z", "dateReserved": "2023-04-29T00:00:00", "datePublished": "2024-02-17T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-02-17T04:00:26.166063"}, "descriptions": [{"lang": "en", "value": "Teltonika RUT240 devices with firmware before 07.04.2, when bridge mode is used, sometimes make SSH and HTTP services available on the IPv6 WAN interface even though the UI shows that they are only available on the LAN interface."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://research.exoticsilicon.com/articles/lte_ethernet_bridge_bug_followup"}, {"url": "https://research.exoticsilicon.com/news"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:56:35.560Z"}, "title": "CVE Program Container", "references": [{"url": "https://research.exoticsilicon.com/articles/lte_ethernet_bridge_bug_followup", "tags": ["x_transferred"]}, {"url": "https://research.exoticsilicon.com/news", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-noinfo Not enough information"}]}], "affected": [{"vendor": "teltonika-networks", "product": "rut240_firmware", "cpes": ["cpe:2.3:o:teltonika-networks:rut240_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "07.04.2", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-11-01T18:57:08.545750Z", "id": "CVE-2023-31728", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-01T19:04:41.139Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://research.exoticsilicon.com/articles/lte_ethernet_bridge_bug_followup", "tags": ["x_transferred"]}, {"url": "https://research.exoticsilicon.com/news", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:56:35.560Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-31728", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-11-01T18:57:08.545750Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:teltonika-networks:rut240_firmware:-:*:*:*:*:*:*:*"], "vendor": "teltonika-networks", "product": "rut240_firmware", "versions": [{"status": "affected", "version": "0", "lessThan": "07.04.2", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-27T13:31:56.433Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://research.exoticsilicon.com/articles/lte_ethernet_bridge_bug_followup"}, {"url": "https://research.exoticsilicon.com/news"}], "descriptions": [{"lang": "en", "value": "Teltonika RUT240 devices with firmware before 07.04.2, when bridge mode is used, sometimes make SSH and HTTP services available on the IPv6 WAN interface even though the UI shows that they are only available on the LAN interface."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-02-17T04:00:26.166063"}}}, "cveMetadata": {"cveId": "CVE-2023-31728", "state": "PUBLISHED", "dateUpdated": "2024-11-01T19:04:41.139Z", "dateReserved": "2023-04-29T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-02-17T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "Teltonika RUT240 devices with firmware before 07.04.2, when bridge mode is used, sometimes make SSH and HTTP services available on the IPv6 WAN interface even though the UI shows that they are only available on the LAN interface."}, {"lang": "es", "value": "Los dispositivos Teltonika RUT240 con firmware anterior a 07.04.2, cuando se utiliza el modo puente, a veces hacen que los servicios SSH y HTTP est\u00e9n disponibles en la interfaz WAN IPv6 aunque la interfaz de usuario muestre que solo est\u00e1n disponibles en la interfaz LAN."}], "id": "CVE-2023-31728", "lastModified": "2024-11-21T08:02:13.123", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-02-17T04:15:07.503", "references": [{"source": "cve@mitre.org", "url": "https://research.exoticsilicon.com/articles/lte_ethernet_bridge_bug_followup"}, {"source": "cve@mitre.org", "url": "https://research.exoticsilicon.com/news"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://research.exoticsilicon.com/articles/lte_ethernet_bridge_bug_followup"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://research.exoticsilicon.com/news"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis"}

{}