The web application that owns the device clearly stores the credentials within the user management section. Obtaining this information can be done remotely due to the incorrect management of the sessions in the web application.
References
Link | Resource |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2023-09-18T20:01:05.148Z
Updated: 2023-09-18T20:01:05.148Z
Reserved: 2023-09-06T15:41:16.546Z
Link: CVE-2023-39452
JSON object: View
NVD Information
Status : Modified
Published: 2023-09-18T21:16:04.367
Modified: 2024-05-17T02:26:59.790
Link: CVE-2023-39452
JSON object: View
Redhat Information
No data.
CWE