Econolite EOS versions prior to 3.2.23 lack a password requirement for gaining “READONLY” access to log files and certain database and configuration files. One such file contains tables with MD5 hashes and usernames for all defined users in the control software, including administrators and technicians.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2023-01-26T20:37:53.380Z

Updated: 2024-08-02T05:10:56.170Z

Reserved: 2023-01-23T18:19:27.265Z

Link: CVE-2023-0451

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-01-26T21:18:08.673

Modified: 2024-11-21T07:37:12.137

Link: CVE-2023-0451

cve-icon Redhat

No data.