Vulnerabilities > CVE-2023-2187 - Unspecified vulnerability in Trianglemicroworks Scada Data Gateway
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
LOW Summary
On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event". Furthermore, an attacker could use this vulnerability to spam the logged-in user with false events.