CVE-2023-0444

Published: Jan 26, 2023Modified: Apr 3, 2025

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

A privilege escalation vulnerability exists in Delta Electronics InfraSuite Device Master 00.00.02a. A default user 'User', which is in the 'Read Only User' group, can view the password of another default user 'Administrator', which is in the 'Administrator' group. This allows any lower privileged user to log in as an administrator.

Affected (1)

Products: Deltaww: Infrasuite Device Master

Deltaww

1 product

Infrasuite Device Master

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Deltaww Infrasuite Device Master	Version 00.00.02a

References (2)

https://www.tenable.com/security/research/tra-2023-4

Source: vulnreport@tenable.com

Third Party Advisory

https://www.tenable.com/security/research/tra-2023-4

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.