CVE-2023-1136

Summary

In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an unauthenticated attacker could generate a valid token, which would lead to authentication bypass.

Affected Software

VendorProductVersion RangeStatus
Delta ElectronicsInfraSuite Device Master0 < 1.0.5affected

Weaknesses

  • CWE-287 Improper Authentication

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References