CVE-2023-46384
Loytec LINX Configurator 7.4.10 Insecure Transit / Cleartext Secrets
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device.
LOYTEC electronics GmbH LINX Configurator 7.4.10 es vulnerable a permisos inseguros. El almacenamiento de credenciales en texto plano permite a atacantes remotos revelar la contraseña de administrador y omitir una autenticación para iniciar sesión en el dispositivo Loytec.
LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authentication to login Loytec device.
Loytec LINX Configurator version 7.4.10 suffers from insecure transit and cleartext hardcoded secret vulnerabilities.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-10-23 CVE Reserved
- 2023-11-28 CVE Published
- 2024-09-20 CVE Updated
- 2024-09-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-312: Cleartext Storage of Sensitive Information
CAPEC
References (4)
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Loytec Search vendor "Loytec" | L-inx Configurator Search vendor "Loytec" for product "L-inx Configurator" | 7.4.10 Search vendor "Loytec" for product "L-inx Configurator" and version "7.4.10" | - |
Affected
|