CVE-2023-3655

Summary

cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database (system settings, user accounts,…). This vulnerability can be triggered by an HTTP endpoint exposed to the network.

Affected Software

VendorProductVersion RangeStatus
PoS/ Dienstleistung, Entwicklung & Vertrieb GmbHcashIT! - serving solutions.0 <= 03.A06rks 2023.02.37affected

Weaknesses

  • CWE-749: CWE-749 Exposed Dangerous Method or Function

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References