CVE-2023-4834

In Red Lion Europe mbCONNECT24 and mymbCONNECT24 and Helmholz myREX24 and myREX24.virtual up to and including 2.14.2 an improperly implemented access validation allows an authenticated, low privileged attacker to gain read access to limited, non-critical device information in his account he should not have access to.
Configurations

Configuration 1 (hide)

cpe:2.3:a:helmholz:myrex24:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:helmholz:myrex24.virtual:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:mbconnectline:mbconnect24:*:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:mbconnectline:mymbconnect24:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:36

Type Values Removed Values Added
References () https://cert.vde.com/en/advisories/VDE-2023-041 - Third Party Advisory () https://cert.vde.com/en/advisories/VDE-2023-041 - Third Party Advisory
References () https://cert.vde.com/en/advisories/VDE-2023-043 - Third Party Advisory () https://cert.vde.com/en/advisories/VDE-2023-043 - Third Party Advisory

Information

Published : 2023-10-16 09:15

Updated : 2024-11-21 08:36


NVD link : CVE-2023-4834

Mitre link : CVE-2023-4834

CVE.ORG link : CVE-2023-4834


JSON object : View

Products Affected

helmholz

  • myrex24
  • myrex24.virtual

mbconnectline

  • mbconnect24
  • mymbconnect24
CWE
CWE-269

Improper Privilege Management