In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://cert.vde.com/en/advisories/VDE-2023-022/ |
History
Wed, 02 Oct 2024 06:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-345 |
Wed, 02 Oct 2024 05:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-940 |
MITRE
Status: PUBLISHED
Assigner: CERTVDE
Published: 2023-08-03T10:55:08.945Z
Updated: 2024-10-02T05:35:40.245Z
Reserved: 2023-07-13T13:04:46.976Z
Link: CVE-2023-3663
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-08-03T11:15:10.077
Modified: 2024-11-21T08:17:47.187
Link: CVE-2023-3663
Redhat
No data.