The application interface allows users to perform certain actions via
HTTP requests without performing any validity checks to verify the
requests. This can be exploited to perform certain actions with
administrative privileges if a logged-in user visits a malicious web
site.
References
Link | Resource |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-08 | Third Party Advisory US Government Resource |
https://www.sielco.org/en/contacts | Product |
https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-08 | Third Party Advisory US Government Resource |
https://www.sielco.org/en/contacts | Product |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
AND |
|
Configuration 17 (hide)
AND |
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
AND |
|
Configuration 20 (hide)
AND |
|
Configuration 21 (hide)
AND |
|
History
21 Nov 2024, 08:26
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-08 - Third Party Advisory, US Government Resource | |
References | () https://www.sielco.org/en/contacts - Product |
07 Nov 2023, 19:54
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CPE | cpe:2.3:o:sielco:analog_fm_transmitter_exc120gx_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sielco:analog_fm_transmitter_exc120gt_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sielco:analog_fm_transmitter_exc300gt_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:sielco:radio_link_rtx19:1.59:*:*:*:*:*:*:* cpe:2.3:h:sielco:radio_link_rtx19:2.06:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc30gt:1.7.7:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc5000gx:2.06:*:*:*:*:*:*:* cpe:2.3:o:sielco:analog_fm_transmitter_exc300gx_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sielco:radio_link_exc19_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:sielco:radio_link_exc19:1.55:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc100gt:1.7.4:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc3000gx:2.07:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc1000gt:1.6.3:*:*:*:*:*:*:* cpe:2.3:o:sielco:analog_fm_transmitter_exc5000gt_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sielco:analog_fm_transmitter_exc1600gx_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:sielco:radio_link_rtx19:1.60:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc2000gx:2.10:*:*:*:*:*:*:* cpe:2.3:o:sielco:analog_fm_transmitter_exc5000gx_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:sielco:radio_link_exc19:2.00:*:*:*:*:*:*:* cpe:2.3:o:sielco:analog_fm_transmitter_exc2000gx_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sielco:radio_link_rtx19_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sielco:analog_fm_transmitter_exc3000gx_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sielco:analog_fm_transmitter_exc30gt_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc1600gx:2.08:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc5000gt:1.7.4:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc120gt:1.5.4:*:*:*:*:*:*:* cpe:2.3:h:sielco:radio_link_rtx19:2.05:*:*:*:*:*:*:* cpe:2.3:o:sielco:analog_fm_transmitter_exc1000gt_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:sielco:analog_fm_transmitter_exc1000gx_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc1000gx:2.08:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc1600gx:2.10:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc5000gx:2.12:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc120gx:2.12:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc300gx:2.11:*:*:*:*:*:*:* cpe:2.3:h:sielco:analog_fm_transmitter_exc300gt:1.7.4:*:*:*:*:*:*:* cpe:2.3:o:sielco:analog_fm_transmitter_exc100gt_firmware:-:*:*:*:*:*:*:* |
|
First Time |
Sielco analog Fm Transmitter Exc5000gx
Sielco analog Fm Transmitter Exc3000gx Sielco radio Link Exc19 Firmware Sielco radio Link Rtx19 Firmware Sielco analog Fm Transmitter Exc3000gx Firmware Sielco analog Fm Transmitter Exc1000gx Firmware Sielco analog Fm Transmitter Exc1600gx Sielco analog Fm Transmitter Exc1000gt Firmware Sielco analog Fm Transmitter Exc2000gx Sielco analog Fm Transmitter Exc100gt Firmware Sielco analog Fm Transmitter Exc300gx Firmware Sielco analog Fm Transmitter Exc120gx Firmware Sielco analog Fm Transmitter Exc120gt Sielco radio Link Exc19 Sielco analog Fm Transmitter Exc5000gt Firmware Sielco analog Fm Transmitter Exc2000gx Firmware Sielco analog Fm Transmitter Exc30gt Firmware Sielco analog Fm Transmitter Exc120gx Sielco analog Fm Transmitter Exc30gt Sielco analog Fm Transmitter Exc100gt Sielco analog Fm Transmitter Exc1600gx Firmware Sielco Sielco analog Fm Transmitter Exc300gt Firmware Sielco analog Fm Transmitter Exc120gt Firmware Sielco analog Fm Transmitter Exc1000gt Sielco analog Fm Transmitter Exc300gx Sielco analog Fm Transmitter Exc300gt Sielco analog Fm Transmitter Exc1000gx Sielco radio Link Rtx19 Sielco analog Fm Transmitter Exc5000gt Sielco analog Fm Transmitter Exc5000gx Firmware |
|
CWE | CWE-352 | |
References | (MISC) https://www.sielco.org/en/contacts - Product | |
References | (MISC) https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-08 - Third Party Advisory, US Government Resource |
26 Oct 2023, 17:33
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-26 17:15
Updated : 2024-11-21 08:26
NVD link : CVE-2023-45317
Mitre link : CVE-2023-45317
CVE.ORG link : CVE-2023-45317
JSON object : View
Products Affected
sielco
- analog_fm_transmitter_exc2000gx_firmware
- analog_fm_transmitter_exc3000gx
- analog_fm_transmitter_exc2000gx
- analog_fm_transmitter_exc1000gx
- analog_fm_transmitter_exc5000gt
- analog_fm_transmitter_exc30gt
- radio_link_rtx19_firmware
- analog_fm_transmitter_exc300gx_firmware
- analog_fm_transmitter_exc300gt_firmware
- analog_fm_transmitter_exc1600gx
- analog_fm_transmitter_exc120gx_firmware
- radio_link_exc19_firmware
- analog_fm_transmitter_exc120gx
- analog_fm_transmitter_exc1000gt
- analog_fm_transmitter_exc5000gx
- analog_fm_transmitter_exc30gt_firmware
- analog_fm_transmitter_exc1600gx_firmware
- analog_fm_transmitter_exc1000gx_firmware
- radio_link_rtx19
- analog_fm_transmitter_exc300gt
- analog_fm_transmitter_exc100gt_firmware
- analog_fm_transmitter_exc5000gx_firmware
- analog_fm_transmitter_exc3000gx_firmware
- analog_fm_transmitter_exc1000gt_firmware
- analog_fm_transmitter_exc120gt
- analog_fm_transmitter_exc300gx
- analog_fm_transmitter_exc100gt
- analog_fm_transmitter_exc5000gt_firmware
- radio_link_exc19
- analog_fm_transmitter_exc120gt_firmware
CWE
CWE-352
Cross-Site Request Forgery (CSRF)