CVE-2023-22581

Summary

White Rabbit Switch contains a vulnerability which makes it possible for an attacker to perform system commands under the context of the web application (the default installation makes the webserver run as the root user).

Affected Software

VendorProductVersion RangeStatus
CERNWhite Rabbit Switch< v6.0.1 <= v6.0.1affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

Workarounds

Upgrade to version 6.0.2

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References