{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-1897","assignerOrgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","state":"PUBLISHED","assignerShortName":"icscert","dateReserved":"2023-04-05T20:12:40.491Z","datePublished":"2023-06-12T19:18:57.026Z","dateUpdated":"2025-01-06T16:01:51.285Z"},"containers":{"cna":{"title":"CVE-2023-1897","descriptions":[{"lang":"en","value":"Atlas Copco Power Focus 6000 web server does not sanitize the login information stored by the authenticated user’s browser, which could allow an attacker with access to the user’s computer to gain credential information of the controller."}],"source":{"discovery":"UNKNOWN"},"affected":[{"vendor":"Atlas Copco","product":"Power Focus","versions":[{"status":"affected","version":"6000"}]}],"problemTypes":[{"descriptions":[{"lang":"en","description":"CWE-312 Cleartext Storage of Sensitive Information"}]}],"references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-01"}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV3_1":{"version":"3.1","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H","baseScore":9.4,"baseSeverity":"CRITICAL"}}],"x_generator":{"engine":"VINCE 2.1.2","env":"prod","origin":"https://cveawg.mitre.org/api/cve/CVE-2023-1897"},"providerMetadata":{"orgId":"7d14cffa-0d7d-4270-9dc0-52cabd5a23a6","shortName":"icscert","dateUpdated":"2023-06-12T19:18:57.026Z"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T06:05:26.653Z"},"title":"CVE Program Container","references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-01","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-01-06T16:01:38.109901Z","id":"CVE-2023-1897","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-01-06T16:01:51.285Z"}}]}}