CVE-2023-41088

Published: Oct 19, 2023Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker with access to the network, where clients have access to the DexGate server, could capture traffic. The attacker can later us the information within it to access the application.

Affected (1)

Products: Dexma: Dexgate

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Dexma Dexgate	Version 20130114

Related CWEs

Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

References (2)

https://www.cisa.gov/news-events/ics-advisories/icsa-23-271-02

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://www.cisa.gov/news-events/ics-advisories/icsa-23-271-02

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.