{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc5000gx_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "88E56078-45E6-40B6-AD56-754417AA612D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc5000gx:2.12:*:*:*:*:*:*:*", "matchCriteriaId": "C27380E3-5787-4C7F-96AE-E834040EA173", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc120gx_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4C80C4E0-99B6-4613-8177-16F48262D5A1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc120gx:2.12:*:*:*:*:*:*:*", "matchCriteriaId": "C1C02CE8-16FD-4806-8D63-BA9FDAC1F71A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc300gx_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "67169423-AF07-472D-A6AC-824C984CCF1C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc300gx:2.11:*:*:*:*:*:*:*", "matchCriteriaId": "11F2CB0B-24EF-4936-9C66-D0AD36C9A7E8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc1600gx_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2441008F-E40A-444B-8ECA-1EADE30BD10A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc1600gx:2.10:*:*:*:*:*:*:*", "matchCriteriaId": "427F22A9-A765-406D-B69F-EAC2F6135D39", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc2000gx_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA6B6755-024E-415E-AFED-3D400EF1AF4E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc2000gx:2.10:*:*:*:*:*:*:*", "matchCriteriaId": "19520B42-0049-4CE7-9EE0-B42235868837", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc1600gx_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2441008F-E40A-444B-8ECA-1EADE30BD10A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc1600gx:2.08:*:*:*:*:*:*:*", "matchCriteriaId": "D48F458B-DF3C-4BD8-9B2F-3C1912A46A1D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc1000gx_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C2AC526C-AC1D-4B86-8DA8-7FDC5EE048AD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc1000gx:2.08:*:*:*:*:*:*:*", "matchCriteriaId": "1EC90D2A-2A31-47DF-9417-03CA14537DC8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc3000gx_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9BAEA126-26DC-46D4-B2DC-9D654E40AE69", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc3000gx:2.07:*:*:*:*:*:*:*", "matchCriteriaId": "03644DDC-CA02-40B3-88B9-CF7A0652B6C0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc5000gx_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "88E56078-45E6-40B6-AD56-754417AA612D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc5000gx:2.06:*:*:*:*:*:*:*", "matchCriteriaId": "C70C0CCF-B3FC-4C4E-8452-06332F7C6531", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc30gt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1422AD55-64A5-449C-8DC9-D3A0F94CF88B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc30gt:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "C89B2915-7248-473D-82DB-987CBB27C88B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc300gt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "225AF1A9-BAFD-4282-87FD-01DC3B4F7F2D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc300gt:1.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "A44224EB-5D1B-4384-BE01-1D5F9BE04F0E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc100gt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "20109CEA-108E-4FEE-83C1-7FF47A33B8C3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc100gt:1.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "F852823F-D669-4A3D-9FA1-5A9BA85949D6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc5000gt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2700ACAC-39AA-43D4-BDCA-F97FF223AB7D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc5000gt:1.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "7FB21956-92FB-4837-A173-904152486545", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc1000gt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F88C8279-347E-4179-9429-B54A3EADDF92", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc1000gt:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "B1443832-3C4E-4795-B333-BFE877755D57", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:analog_fm_transmitter_exc120gt_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C76D25F5-5B8F-4560-96E2-7D6922BCBF72", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:analog_fm_transmitter_exc120gt:1.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "D319A987-73D1-401A-9A23-F207DBC6E3B6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:radio_link_rtx19_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8DCF3BEC-B138-4C18-8F54-1E75B8EC5E47", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:radio_link_rtx19:2.06:*:*:*:*:*:*:*", "matchCriteriaId": "7E32597B-BFDA-40BA-B8BA-889AC1F695B1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:radio_link_rtx19_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8DCF3BEC-B138-4C18-8F54-1E75B8EC5E47", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:radio_link_rtx19:2.05:*:*:*:*:*:*:*", "matchCriteriaId": "9ECF7A90-EBF5-47B9-8BB0-F37B6D7A963A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:radio_link_exc19_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "234A6FEA-8292-48A5-8C60-2A8976E4740F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:radio_link_exc19:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "ABF0512B-EE6F-496F-A561-2B5F94AB0670", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:radio_link_rtx19_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8DCF3BEC-B138-4C18-8F54-1E75B8EC5E47", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:radio_link_rtx19:1.60:*:*:*:*:*:*:*", "matchCriteriaId": "65490A2B-74B0-455B-BBD4-8143939BC5CA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:radio_link_rtx19_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8DCF3BEC-B138-4C18-8F54-1E75B8EC5E47", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:radio_link_rtx19:1.59:*:*:*:*:*:*:*", "matchCriteriaId": "7E4D0FD7-079E-4781-AA84-9528528B29A8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:sielco:radio_link_exc19_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "234A6FEA-8292-48A5-8C60-2A8976E4740F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:sielco:radio_link_exc19:1.55:*:*:*:*:*:*:*", "matchCriteriaId": "F6442DD6-095D-47BF-BBA6-0634C20D62D4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "\n\n\nThe application suffers from a privilege escalation vulnerability. A \nuser with read permissions can elevate privileges by sending a HTTP POST\n to set a parameter.\n\n\n\n\n\n\n\n"}, {"lang": "es", "value": "La aplicaci\u00f3n sufre una vulnerabilidad de escalada de privilegios. Un usuario con permisos de lectura puede elevar sus privilegios enviando un HTTP POST para establecer un par\u00e1metro."}], "id": "CVE-2023-41966", "lastModified": "2023-11-07T18:33:13.163", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2023-10-26T17:15:08.747", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-08"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Product"], "url": "https://www.sielco.org/en/contacts"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-267"}], "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}
MITRE Information
NVD Information
Redhat Information