CVE-2023-41965

Summary

Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the authentication process.

Affected Software

VendorProductVersion RangeStatus
SocomecMODULYS GP (MOD3GP-SY-120K)v01.12.10affected

Weaknesses

  • CWE-921: CWE-921 Storage of Sensitive Data in a Mechanism without Access Control

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References