Real Time Automation 460 Series products with versions prior to v8.9.8 are vulnerable to cross-site scripting, which could allow an attacker to run any JavaScript reference from the URL string. If this were to occur, the gateway's HTTP interface would redirect to the main page, which is index.htm.
References
Link | Resource |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-264-01 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2023-09-27T18:08:26.220Z
Updated: 2023-09-27T18:08:26.220Z
Reserved: 2023-08-24T17:52:27.663Z
Link: CVE-2023-4523
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-27T19:15:12.373
Modified: 2023-09-29T15:39:05.767
Link: CVE-2023-4523
JSON object: View
Redhat Information
No data.
CWE