CVE-2023-3762 - OpenCVE

A vulnerability was found in Intergard SGS 8.7.0. It has been classified as problematic. This affects an unknown part. The manipulation leads to cleartext storage of sensitive information in memory. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-234447. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Intergard	Smartgard Silver With Matrix Keyboard

Configuration 1 [-]

cpe:2.3:a:intergard:smartgard_silver_with_matrix_keyboard:8.7.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://vuldb.com/?ctiid.234447
https://vuldb.com/?id.234447
https://youtu.be/Ee2KU-T_0pI

History

No history.

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2023-07-19T06:31:03.558Z

Updated: 2024-08-02T07:08:50.127Z

Reserved: 2023-07-18T19:29:30.097Z

Link: CVE-2023-3762

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-07-19T07:15:08.813

Modified: 2024-05-17T02:27:46.423

Link: CVE-2023-3762

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-3762", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2023-07-18T19:29:30.097Z", "datePublished": "2023-07-19T06:31:03.558Z", "dateUpdated": "2024-08-02T07:08:50.127Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2023-10-23T17:36:24.565Z"}, "title": "Intergard SGS sensitive information in memory", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-316", "lang": "en", "description": "CWE-316 Cleartext Storage of Sensitive Information in Memory"}]}], "affected": [{"vendor": "Intergard", "product": "SGS", "versions": [{"version": "8.7.0", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Intergard SGS 8.7.0. It has been classified as problematic. This affects an unknown part. The manipulation leads to cleartext storage of sensitive information in memory. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-234447. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "de", "value": "Es wurde eine Schwachstelle in Intergard SGS 8.7.0 ausgemacht. Sie wurde als problematisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion. Durch Manipulation mit unbekannten Daten kann eine cleartext storage of sensitive information in memory-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}], "timeline": [{"time": "2023-07-18T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2023-07-18T00:00:00.000Z", "lang": "en", "value": "CVE reserved"}, {"time": "2023-07-18T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2023-08-09T16:04:49.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "hiagomoura (VulDB User)", "type": "analyst"}], "references": [{"url": "https://vuldb.com/?id.234447", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.234447", "tags": ["signature", "permissions-required"]}, {"url": "https://youtu.be/Ee2KU-T_0pI", "tags": ["exploit", "media-coverage"]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:08:50.127Z"}, "title": "CVE Program Container", "references": [{"url": "https://vuldb.com/?id.234447", "tags": ["vdb-entry", "technical-description", "x_transferred"]}, {"url": "https://vuldb.com/?ctiid.234447", "tags": ["signature", "permissions-required", "x_transferred"]}, {"url": "https://youtu.be/Ee2KU-T_0pI", "tags": ["exploit", "media-coverage", "x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:intergard:smartgard_silver_with_matrix_keyboard:8.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "92528C7D-5612-4DFC-BB5F-D1CE1F276820", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Intergard SGS 8.7.0. It has been classified as problematic. This affects an unknown part. The manipulation leads to cleartext storage of sensitive information in memory. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-234447. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."}], "id": "CVE-2023-3762", "lastModified": "2024-05-17T02:27:46.423", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2023-07-19T07:15:08.813", "references": [{"source": "cna@vuldb.com", "tags": ["Permissions Required", "Third Party Advisory"], "url": "https://vuldb.com/?ctiid.234447"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "Third Party Advisory"], "url": "https://vuldb.com/?id.234447"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required"], "url": "https://youtu.be/Ee2KU-T_0pI"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-312"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-316"}], "source": "cna@vuldb.com", "type": "Secondary"}]}