Vulnerabilities > CVE-2023-34353 - Unspecified vulnerability in Openautomationsoftware OAS Platform 18.00.0072

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

openautomationsoftware

NVD

Published: 2023-09-05

Updated: 2024-11-21

Summary

An authentication bypass vulnerability exists in the OAS Engine authentication functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted network sniffing can lead to decryption of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Openautomationsoftware Openautomationsoftware OAS Platform 18.00.0072	1

References

https://talosintelligence.com/vulnerability_reports/TALOS-2023-1776
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1776
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1776
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1776