Improper access control vulnerability in the system date/time setting page of SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10 and SV-CPT-MC310F versions prior to Ver.8.10 allows a remote authenticated attacker to alter system date/time of the affected product.
References
Link | Resource |
---|---|
https://jvn.jp/en/vu/JVNVU92106300/ | Third Party Advisory |
https://www.contec.com/jp/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_solarview_230508.pdf | Vendor Advisory |
https://www.contec.com/jp/download/donwload-list/?itemid=b28c8b7c-9f40-40b2-843c-b5b04c035b0e#firmware | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2023-05-23T00:00:00
Updated: 2023-05-23T00:00:00
Reserved: 2023-03-15T00:00:00
Link: CVE-2023-27920
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-05-23T02:15:09.827
Modified: 2023-05-30T15:41:23.137
Link: CVE-2023-27920
JSON object: View
Redhat Information
No data.
CWE