Vulnerabilities > CVE-2023-41965 - Storage of Sensitive Data in a Mechanism without Access Control vulnerability in Socomec Modulys GP Firmware 01.12.10

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
socomec
CWE-921

Summary

Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the authentication process.

Vulnerable Configurations

Part Description Count
OS
Socomec
1
Hardware
Socomec
1