CVE-2023-3127 | THREATINT

Description

An unauthenticated user could log into iSTAR Ultra, iSTAR Ultra LT, iSTAR Ultra G2, and iSTAR Edge G2 with administrator rights.

PUBLISHED Reserved 2023-06-06 | Published 2023-07-11 | Updated 2024-10-22 | Assigner jci

HIGH: 7.5CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:L

Problem types

CWE-287 Improper Authentication

Product status

Default status

unaffected

>6.8.6 (custom) before 6.9.2 CU01

affected

Default status

unaffected

>6.8.6 (custom) before 6.9.2 CU01

affected

Default status

unaffected

Any version before 6.9.2 CU01

affected

Default status

unaffected

Any version before 6.9.2 CU01

affected

References

www.johnsoncontrols.com/cyber-solutions/security-advisories

www.cisa.gov/news-events/ics-advisories/icsa-23-192-02

www.johnsoncontrols.com/cyber-solutions/security-advisories

www.cisa.gov/news-events/ics-advisories/icsa-23-192-02

cve.org (CVE-2023-3127)

nvd.nist.gov (CVE-2023-3127)

Download JSON

help @ threatint.eu