Vulnerability Details : CVE-2023-35794
An issue was discovered in Cassia Access Controller 2.1.1.2303271039. The Web SSH terminal endpoint (spawned console) can be accessed without authentication. Specifically, there is no session cookie validation on the Access Controller; instead, there is only Basic Authentication to the SSH console.
Vulnerability category: BypassGain privilege
Products affected by CVE-2023-35794
- cpe:2.3:a:cassianetworks:access_controller:2.1.1.2303271039:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-35794
0.14%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 51 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-35794
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2023-35794
-
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-35794
-
https://github.com/Dodge-MPTC/CVE-2023-35794-WebSSH-Hijacking
GitHub - Dodge-MPTC/CVE-2023-35794-WebSSH-Hijacking: Repository contains description for CVE-2023-35794 discovered by Dodge Industrial Team for Dodge OPTIFY platfrom.Exploit;Third Party Advisory
-
https://blog.kscsc.online/cves/202335794/md.html
SwiruHack online
-
https://www.cassianetworks.com/products/iot-access-controller/
Cassia's IoT Access Controller (AC)Product
Jump to