Econolite EOS versions prior to 3.2.23 lack a password
requirement for gaining “READONLY” access to log files and certain database and
configuration files. One such file contains tables with MD5 hashes and
usernames for all defined users in the control software, including
administrators and technicians.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-23-026-02 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2023-01-26T20:37:53.380Z
Updated: 2024-08-02T05:10:56.170Z
Reserved: 2023-01-23T18:19:27.265Z
Link: CVE-2023-0451
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-01-26T21:18:08.673
Modified: 2024-11-21T07:37:12.137
Link: CVE-2023-0451
Redhat
No data.