Main Vulnerability Database Vulnerabilities #VU81226

Cleartext transmission of sensitive information in Bently Nevada 3500 Rack - CVE-2023-34441

Published: September 27, 2023

Vulnerability identifier: #VU81226

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-34441

CWE-ID: CWE-319

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
Bently Nevada 3500 Rack

Software vendor:
Bently Nevada

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to software uses insecure communication channel to transmit sensitive information. A remote attacker with ability to intercept network traffic can gain access to sensitive data.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://www.cisa.gov/news-events/ics-advisories/icsa-23-269-05

Cleartext transmission of sensitive information in Bently Nevada 3500 Rack - CVE-2023-34441

Description

Remediation

External links

Please verify you're human