Detections
Analytics

CVE-2023-1138

high

Description

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain an improper access control vulnerability, which could allow an attacker to retrieve Gateway configuration files to obtain plaintext credentials.

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-02

Details

Source: Mitre, NVD

Published: 2023-03-27

Updated: 2023-11-07

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High