Vulnerabilities > Bakerhughes > Bentley Nevada 3500 System Firmware > 5.0.5

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-19	CVE-2023-34437	Information Exposure vulnerability in Bakerhughes Bentley Nevada 3500 System Firmware 5.0.5 Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability in their password retrieval functionality which could allow an attacker to access passwords stored on the device. network low complexity bakerhughes CWE-200	7.5
2023-10-19	CVE-2023-34441	Cleartext Transmission of Sensitive Information vulnerability in Bakerhughes Bentley Nevada 3500 System Firmware 5.0.5 Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a cleartext transmission vulnerability which could allow an attacker to steal the authentication secret from communication traffic to the device and reuse it for arbitrary requests. network low complexity bakerhughes CWE-319	8.2
2023-10-19	CVE-2023-36857	Authentication Bypass by Capture-replay vulnerability in Bakerhughes Bentley Nevada 3500 System Firmware 5.0.5 Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a replay vulnerability which could allow an attacker to replay older captured packets of traffic to the device to gain access. network low complexity bakerhughes CWE-294	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.