Advantech WebAccess Debug Messages Revealing Unnecessary Information
CVE-2023-4215

6.5MEDIUM

Key Information:

Vendor

Advantech
Status
Webaccess
Vendor
CVE Published:
17 October 2023

What is CVE-2023-4215?

Advantech WebAccess version 9.1.3 is affected by a vulnerability that permits unauthorized access to sensitive user information, potentially leading to the leakage of user credentials. This exposure represents a significant security risk, necessitating immediate attention for users utilizing this version.

Affected Version(s)

WebAccess 9.1.3

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-2...

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Elcazators
.