CVE-2023-25409 : Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users

Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users have access to other users outlets.

Published 2023-04-11 21:15:21

Updated 2025-02-11 17:15:18

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2023-25409

Aten » Pe8108 Firmware » Version: 2.4.232
cpe:2.3:o:aten:pe8108_firmware:2.4.232:*:*:*:*:*:*:*
Matching versions
When used together with: Aten » Pe8108 » Version: N/A

EPSS FAQ

0.06%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 17 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
8.1	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H	2.8	5.2	134c704f-9b21-4f2e-91b3-4a467353bcc0	2025-02-11
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: High
8.1	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H	2.8	5.2	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: High

https://www.pentagrid.ch/en/blog/multiple-vulnerabilities-in-aten-PE8108-power-distribution-unit

Multiple vulnerabilities in Aten PE8108 power distribution unit | Pentagrid AG
Exploit;Third Party Advisory

Jump to