CVE-2023-38422 - OpenCVE

Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Walchem	Intuition 9 Intuition 9 Firmware

Configuration 1 [-]

AND

cpe:2.3:h:walchem:intuition_9:-:*:*:*:*:*:*:*

cpe:2.3:o:walchem:intuition_9_firmware:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04

History

Thu, 03 Oct 2024 14:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-08-23T21:21:07.642Z

Updated: 2024-10-03T13:40:49.576Z

Reserved: 2023-07-18T21:44:31.730Z

Link: CVE-2023-38422

Vulnrichment

Updated: 2024-08-02T17:39:13.410Z

NVD

Status : Analyzed

Published: 2023-08-23T22:15:08.693

Modified: 2023-09-05T19:41:08.010

Link: CVE-2023-38422

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-38422", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2023-07-18T21:44:31.730Z", "datePublished": "2023-08-23T21:21:07.642Z", "dateUpdated": "2024-10-03T13:40:49.576Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Intuition 9", "vendor": "Walchem", "versions": [{"lessThan": "4.21", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Noam Moshe of Claroty Research - Team82"}], "datePublic": "2023-08-17T21:20:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\"><span style=\"background-color: rgb(255, 255, 255);\">Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data.</span></span><br>"}], "value": "Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data.\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function ", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-08-23T21:21:07.642Z"}, "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Walchem recommends upgrading all Intuition 9 firmware versions to v4.21 or later. The upgrade can be downloaded from the Walchem </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.walchem.com/\">website</a><span style=\"background-color: rgb(255, 255, 255);\">.</span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.walchem.com/\"></a>"}], "value": "Walchem recommends upgrading all Intuition 9 firmware versions to v4.21 or later. The upgrade can be downloaded from the Walchem website https://www.walchem.com/ . https://www.walchem.com/ "}], "source": {"advisory": "icsa-23-229-04", "discovery": "EXTERNAL"}, "title": "Walchem Intuition Missing Authentication for Critical Function ", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:39:13.410Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "walchem", "product": "intuition_9", "cpes": ["cpe:2.3:h:walchem:intuition_9:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "0", "status": "affected", "lessThan": "4.21", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-03T13:40:04.955160Z", "id": "CVE-2023-38422", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-03T13:40:49.576Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:39:13.410Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-38422", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-03T13:40:04.955160Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:walchem:intuition_9:-:*:*:*:*:*:*:*"], "vendor": "walchem", "product": "intuition_9", "versions": [{"status": "affected", "version": "0", "lessThan": "4.21", "versionType": "custom"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-03T13:40:43.854Z"}}], "cna": {"title": "Walchem Intuition Missing Authentication for Critical Function ", "source": {"advisory": "icsa-23-229-04", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Noam Moshe of Claroty Research - Team82"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Walchem", "product": "Intuition 9", "versions": [{"status": "affected", "version": "0", "lessThan": "4.21", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Walchem recommends upgrading all Intuition 9 firmware versions to v4.21 or later. The upgrade can be downloaded from the Walchem website https://www.walchem.com/ . https://www.walchem.com/ ", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Walchem recommends upgrading all Intuition 9 firmware versions to v4.21 or later. The upgrade can be downloaded from the Walchem </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.walchem.com/\">website</a><span style=\"background-color: rgb(255, 255, 255);\">.</span><a target=\"_blank\" rel=\"nofollow\" href=\"https://www.walchem.com/\"></a>", "base64": false}]}], "datePublic": "2023-08-17T21:20:00.000Z", "references": [{"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data.\n", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\"><span style=\"background-color: rgb(255, 255, 255);\">Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data.</span></span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function "}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-08-23T21:21:07.642Z"}}}, "cveMetadata": {"cveId": "CVE-2023-38422", "state": "PUBLISHED", "dateUpdated": "2024-10-03T13:40:49.576Z", "dateReserved": "2023-07-18T21:44:31.730Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2023-08-23T21:21:07.642Z", "assignerShortName": "icscert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:walchem:intuition_9:-:*:*:*:*:*:*:*", "matchCriteriaId": "3E7C1440-FDB8-49F9-B2A1-981AEE899035", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:walchem:intuition_9_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4646AA8D-0D63-4026-AB76-29D13BFEAE8B", "versionEndExcluding": "4.21", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data.\n"}, {"lang": "es", "value": "La versiones de firmware de Walchem Intuition 9 anteriores a la v4.21 carecen de autenticaci\u00f3n para algunas de las rutas API del servidor web de gesti\u00f3n. Esto podr\u00eda permitir a un atacante descargar y exportar datos sensibles. "}], "id": "CVE-2023-38422", "lastModified": "2023-09-05T19:41:08.010", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2023-08-23T22:15:08.693", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-306"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}