CVE-2023-2758

Published: May 31, 2023Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

A denial of service vulnerability exists in Contec CONPROSYS HMI System versions 3.5.2 and prior. When there is a time-zone mismatch in certain configuration files, a remote, unauthenticated attacker may deny logins for an extended period of time.

Affected (1)

Products: Contec: Conprosys Hmi System

Contec

1 product

Conprosys Hmi System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Contec Conprosys Hmi System	Before 3.5.3

Related CWEs

CWE-799

Improper Control of Interaction Frequency

The product does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests.

References (4)

https://jvn.jp/en/vu/JVNVU93372935/index.html

Source: vulnreport@tenable.com

Third Party Advisory

https://www.tenable.com/security/research/tra-2023-21

Source: vulnreport@tenable.com

ExploitThird Party Advisory

https://jvn.jp/en/vu/JVNVU93372935/index.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.tenable.com/security/research/tra-2023-21

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.