Sielco PolyEco1000 is vulnerable to an attacker bypassing authorization and accessing resources behind protected pages. The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests.
References
Link | Resource |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-07 | Third Party Advisory US Government Resource |
https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-07 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
21 Nov 2024, 08:29
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-07 - Third Party Advisory, US Government Resource | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
07 Nov 2023, 16:13
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.1 |
First Time |
Sielco polyeco500 Firmware
Sielco polyeco300 Firmware Sielco Sielco polyeco300 Sielco polyeco500 Sielco polyeco1000 Sielco polyeco1000 Firmware |
|
CPE | cpe:2.3:h:sielco:polyeco500:-:*:*:*:*:*:*:* cpe:2.3:h:sielco:polyeco300:-:*:*:*:*:*:*:* cpe:2.3:o:sielco:polyeco300_firmware:2.0.2:*:*:*:cpu:*:*:* cpe:2.3:o:sielco:polyeco1000_firmware:1.9.3:*:*:*:cpu:*:*:* cpe:2.3:o:sielco:polyeco500_firmware:10.16:*:*:*:fpga:*:*:* cpe:2.3:o:sielco:polyeco1000_firmware:1.9.4:*:*:*:cpu:*:*:* cpe:2.3:o:sielco:polyeco1000_firmware:10.19:*:*:*:fpga:*:*:* cpe:2.3:o:sielco:polyeco300_firmware:2.0.0:*:*:*:cpu:*:*:* cpe:2.3:h:sielco:polyeco1000:-:*:*:*:*:*:*:* cpe:2.3:o:sielco:polyeco300_firmware:10.19:*:*:*:fpga:*:*:* cpe:2.3:o:sielco:polyeco500_firmware:1.7.0:*:*:*:cpu:*:*:* cpe:2.3:o:sielco:polyeco1000_firmware:2.0.6:*:*:*:cpu:*:*:* |
|
References | (MISC) https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-07 - Third Party Advisory, US Government Resource | |
CWE | NVD-CWE-noinfo |
26 Oct 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-26 21:15
Updated : 2024-11-21 08:29
NVD link : CVE-2023-46663
Mitre link : CVE-2023-46663
CVE.ORG link : CVE-2023-46663
JSON object : View
Products Affected
sielco
- polyeco1000
- polyeco500
- polyeco300_firmware
- polyeco300
- polyeco1000_firmware
- polyeco500_firmware
CWE