CVE-2023-43846
published 2024-05-28CVE-2023-43846: Incorrect access control in logs management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote attackers to get the device logs via…
PriorityP429medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
0.58%
43.4th percentile
Incorrect access control in logs management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote attackers to get the device logs via HTTP GET request. The logs contain such information as user names and IP addresses used in the infrastructure. This information may help the attackers to conduct further attacks in the infrastructure.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| aten | pe6208_firmware | >= 2.3.228 < 2.4.239 | 2.4.239 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No advisories linked to this vulnerability.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-05-28
Published