Vulnerability Details : CVE-2023-25413

Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The device allows unauthenticated access to Telnet and SNMP credentials.

Published 2023-04-11 21:15:21

Updated 2023-04-14 04:08:17

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2023-25413

Probability of exploitation activity in the next 30 days: 0.08%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 35 % EPSS Score History EPSS FAQ

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	3.9	3.6	[email protected]
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE-522 Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Assigned by: [email protected] (Primary)

Aten » Pe8108 Firmware » Version: 2.4.232
cpe:2.3:o:aten:pe8108_firmware:2.4.232:*:*:*:*:*:*:*
Matching versions
When used together with: Aten » Pe8108 » Version: N/A