VDB
VDE-2023-001
VDE-2023-001
PUBLISHED
CVSS 7.800000190734863 HIGH
A new LTS Firmware release fixes known vulnerabilities in used open-source libraries. In addition, the following improvements have been implemented: HMI - Hardening against DoS attacks. - Hardening against memory leak problems in case of network attacks. WBM - Umlauts in the password of the 'User Manager' were not handled correctly. The password rule for upper and lower case was not followed. This could lead to unintentionally weaker passwords.- Hardening of WBM against Cross-Site-Scripting. User Manager - In security notifications 'SecurityToken' was always displayed as '0000000' when creating or modifying users.- Hardening of Trust and Identity Stores.
Risk Scores
CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| AXC F 2152 | ||
| RFC 4072R | ||
| RFC 4072S | ||
| Firmware 2023.0.0 LTS | ||
| AXC F 1152 | ||
| AXC F 3152 | ||
| Firmware <2023.0.0 LTS | ||
| BPC 9102S |
Timeline
- Feb 14, 2023 CVE Published
- Jun 5, 2025 CVE Updated