In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password.
References
Link | Resource |
---|---|
https://cert.vde.com/en/advisories/VDE-2023-018/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: CERTVDE
Published: 2023-08-09T06:37:48.351Z
Updated: 2023-12-14T14:34:49.405Z
Reserved: 2023-07-10T07:53:04.115Z
Link: CVE-2023-37858
JSON object: View
NVD Information
Status : Modified
Published: 2023-08-09T07:15:10.710
Modified: 2023-12-14T15:15:07.630
Link: CVE-2023-37858
JSON object: View
Redhat Information
No data.
CWE