Sign-up

ID

VAR-202306-0241


CVE

CVE-2023-30604


TITLE

Hitron Technologies CODA Access control error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202306-081

DESCRIPTION

It is identified a vulnerability of insufficient authentication in the system configuration interface of Hitron Technologies CODA-5310. An unauthorized remote attacker can exploit this vulnerability to access system configuration interface, resulting in performing arbitrary system operation or disrupt service

Trust: 0.99

sources: NVD: CVE-2023-30604 // VULMON: CVE-2023-30604

AFFECTED PRODUCTS

vendor:hitrontechmodel:coda-5310scope:eqversion:7.2.4.7.1b3

Trust: 1.0

sources: NVD: CVE-2023-30604

CVSS

SEVERITY

CVSSV2

CVSSV3

twcert@cert.org.tw: CVE-2023-30604
value: CRITICAL

Trust: 1.0

CNNVD: CNNVD-202306-081
value: CRITICAL

Trust: 0.6

twcert@cert.org.tw: CVE-2023-30604
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: CNNVD: CNNVD-202306-081 // NVD: CVE-2023-30604

PROBLEMTYPE DATA

problemtype:CWE-306

Trust: 1.0

sources: NVD: CVE-2023-30604

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202306-081

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-202306-081

PATCH

title:Hitron Technologies CODA Fixes for access control error vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=240145

Trust: 0.6

sources: CNNVD: CNNVD-202306-081

EXTERNAL IDS

db:NVDid:CVE-2023-30604

Trust: 1.7

db:CNNVDid:CNNVD-202306-081

Trust: 0.6

db:VULMONid:CVE-2023-30604

Trust: 0.1

sources: VULMON: CVE-2023-30604 // CNNVD: CNNVD-202306-081 // NVD: CVE-2023-30604

REFERENCES

url:https://www.twcert.org.tw/tw/cp-132-7086-35622-1.html

Trust: 1.7

url:https://cxsecurity.com/cveshow/cve-2023-30604/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/306.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2023-30604 // CNNVD: CNNVD-202306-081 // NVD: CVE-2023-30604

SOURCES

db:VULMONid:CVE-2023-30604
db:CNNVDid:CNNVD-202306-081
db:NVDid:CVE-2023-30604

LAST UPDATE DATE

2024-08-14T15:15:58.808000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2023-30604date:2023-06-02T00:00:00
db:CNNVDid:CNNVD-202306-081date:2023-06-05T00:00:00
db:NVDid:CVE-2023-30604date:2023-06-09T21:56:34.763

SOURCES RELEASE DATE

db:VULMONid:CVE-2023-30604date:2023-06-02T00:00:00
db:CNNVDid:CNNVD-202306-081date:2023-06-02T00:00:00
db:NVDid:CVE-2023-30604date:2023-06-02T11:15:10.930