CVE-2023-46294

CVSS v3 3.4 LOW

3.4^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 2.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

n issue was discovered in Teledyne FLIR M300 2.00-19. User account passwords are encrypted locally, and can be decrypted to cleartext passwords using the utility umSetup. This utility requires root permissions to execute.

References

Link	Resource
https://Loudmouth.io
https://gitlab.com/loudmouth-security/vulnerability-disclosures/cve-2023-46294
https://Loudmouth.io
https://gitlab.com/loudmouth-security/vulnerability-disclosures/cve-2023-46294

Configurations

No configuration.

History

21 Nov 2024, 08:28

Type	Values Removed	Values Added
References	~~() https://Loudmouth.io -~~	() https://Loudmouth.io -
References	~~() https://gitlab.com/loudmouth-security/vulnerability-disclosures/cve-2023-46294 -~~	() https://gitlab.com/loudmouth-security/vulnerability-disclosures/cve-2023-46294 -

04 Nov 2024, 17:35

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 3.4
CWE		CWE-312

02 May 2024, 13:27

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-01 20:15

Updated : 2024-11-21 08:28

NVD link : CVE-2023-46294

Mitre link : CVE-2023-46294

CVE.ORG link : CVE-2023-46294

JSON object : View

Products Affected

No product.

CWE

CWE-312

Cleartext Storage of Sensitive Information

3.4 /10