CVE-2023-1898

Summary

Atlas Copco Power Focus 6000 web server uses a small amount of session ID numbers. An attacker could enter a session ID number to retrieve data for an active user’s session.

Affected Software

VendorProductVersion RangeStatus
Atlas CopcoPower Focus6000affected

Weaknesses

  • CWE-334 Small Space of Random Values

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References