CVE-2023-38256

Summary

Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3

vulnerable to a path traversal attack, which could allow an attacker to access files stored on the system.

Affected Software

VendorProductVersion RangeStatus
Dover Fueling SolutionsMAGLINK LX Web Console Configuration2.5.1affected
Dover Fueling SolutionsMAGLINK LX Web Console Configuration2.5.2affected
Dover Fueling SolutionsMAGLINK LX Web Console Configuration2.5.3affected
Dover Fueling SolutionsMAGLINK LX Web Console Configuration2.6.1affected
Dover Fueling SolutionsMAGLINK LX Web Console Configuration2.11affected
Dover Fueling SolutionsMAGLINK LX Web Console Configuration3.0affected
Dover Fueling SolutionsMAGLINK LX Web Console Configuration3.2affected
Dover Fueling SolutionsMAGLINK LX Web Console Configuration3.3affected

Weaknesses

  • CWE-22: CWE-22 Path Traversal

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References