Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product allows an attacker to access the device’s main management page from the cloud. This feature enables users to remotely connect devices, however, the current implementation permits users to access other device's information.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-263-03 | Patch Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2022-12-21T22:28:58.579Z
Updated:
Reserved: 2022-09-12T20:22:40.302Z
Link: CVE-2022-3186
JSON object: View
NVD Information
Status : Modified
Published: 2022-12-21T23:15:09.697
Modified: 2023-11-07T03:50:57.580
Link: CVE-2022-3186
JSON object: View
Redhat Information
No data.
CWE