Affected devices use a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. This could allow an authenticated attacker with administrative privileges or an attacker that obtains a configuration backup to extract configuration information from the exported file.
History

Tue, 13 Aug 2024 08:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 4.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C'}

cvssV3_1

{'score': 4.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:U/RC:C'}


cve-icon MITRE

Status: PUBLISHED

Assigner: siemens

Published: 2023-11-14T11:03:52.696Z

Updated: 2024-09-10T09:34:16.175Z

Reserved: 2023-09-28T16:18:45.648Z

Link: CVE-2023-44318

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-11-14T11:15:12.287

Modified: 2024-06-11T09:15:14.333

Link: CVE-2023-44318

cve-icon Redhat

No data.