Sign-up

ID

VAR-202306-0225


CVE

CVE-2023-30602


TITLE

Hitron Technologies CODA Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202306-089

DESCRIPTION

Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. An unauthenticated remote attacker can exploit this vulnerability to access credentials of normal users and administrator

Trust: 0.99

sources: NVD: CVE-2023-30602 // VULMON: CVE-2023-30602

AFFECTED PRODUCTS

vendor:hitrontechmodel:coda-5310scope:eqversion:7.2.4.7.1b3

Trust: 1.0

sources: NVD: CVE-2023-30602

CVSS

SEVERITY

CVSSV2

CVSSV3

twcert@cert.org.tw: CVE-2023-30602
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202306-089
value: HIGH

Trust: 0.6

twcert@cert.org.tw: CVE-2023-30602
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: CNNVD: CNNVD-202306-089 // NVD: CVE-2023-30602

PROBLEMTYPE DATA

problemtype:CWE-319

Trust: 1.0

sources: NVD: CVE-2023-30602

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202306-089

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202306-089

PATCH

title:Hitron Technologies CODA Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=240151

Trust: 0.6

sources: CNNVD: CNNVD-202306-089

EXTERNAL IDS

db:NVDid:CVE-2023-30602

Trust: 1.7

db:CNNVDid:CNNVD-202306-089

Trust: 0.6

db:VULMONid:CVE-2023-30602

Trust: 0.1

sources: VULMON: CVE-2023-30602 // CNNVD: CNNVD-202306-089 // NVD: CVE-2023-30602

REFERENCES

url:https://www.twcert.org.tw/tw/cp-132-7084-74e83-1.html

Trust: 1.7

url:https://cxsecurity.com/cveshow/cve-2023-30602/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/311.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2023-30602 // CNNVD: CNNVD-202306-089 // NVD: CVE-2023-30602

SOURCES

db:VULMONid:CVE-2023-30602
db:CNNVDid:CNNVD-202306-089
db:NVDid:CVE-2023-30602

LAST UPDATE DATE

2024-10-15T02:43:36.357000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2023-30602date:2023-06-02T00:00:00
db:CNNVDid:CNNVD-202306-089date:2023-06-05T00:00:00
db:NVDid:CVE-2023-30602date:2024-10-14T04:15:04.567

SOURCES RELEASE DATE

db:VULMONid:CVE-2023-30602date:2023-06-02T00:00:00
db:CNNVDid:CNNVD-202306-089date:2023-06-02T00:00:00
db:NVDid:CVE-2023-30602date:2023-06-02T11:15:10.793