{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-38523","assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","dateUpdated":"2024-10-28T13:40:56.196Z","dateReserved":"2023-07-19T00:00:00.000Z","datePublished":"2023-07-20T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2023-07-20T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115 Wallplate Video Encoder before 1.15.61, N-Series N1x22A Video Encoder/Decoder before 1.15.61, N-Series N1x33A Video Encoder/Decoder before 1.15.61, N-Series N1x33 Video Encoder/Decoder before 1.15.61, N-Series N2x35 Video Encoder/Decoder before 1.15.61, N-Series N2x35A Video Encoder/Decoder before 1.15.61, N-Series N2xx2 Video Encoder/Decoder before 1.15.61, N-Series N2xx2A Video Encoder/Decoder before 1.15.61, N-Series N3000 Video Encoder/Decoder before 2.12.105, and N-Series N4321 Audio Transceiver before 1.00.06."}],"affected":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}],"references":[{"url":"https://help.harmanpro.com/n1115-svsi-firmware"},{"url":"https://help.harmanpro.com/n1x22a-updater"},{"url":"https://help.harmanpro.com/n1x33a-updater"},{"url":"https://help.harmanpro.com/n1x33-updater"},{"url":"https://help.harmanpro.com/n2x35-updater-hotfix"},{"url":"https://help.harmanpro.com/n2x35a-updater-hotfix"},{"url":"https://help.harmanpro.com/n2xx2-updater-hotfix"},{"url":"https://help.harmanpro.com/n2xx2a-updater"},{"url":"https://help.harmanpro.com/svsi-n4321-firmware"},{"url":"https://help.harmanpro.com/n3k-updater-hotfix"},{"url":"https://wiki.notveg.ninja/blog/CVE-2023-38523/"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"n/a"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T17:46:56.632Z"},"title":"CVE Program Container","references":[{"url":"https://help.harmanpro.com/n1115-svsi-firmware","tags":["x_transferred"]},{"url":"https://help.harmanpro.com/n1x22a-updater","tags":["x_transferred"]},{"url":"https://help.harmanpro.com/n1x33a-updater","tags":["x_transferred"]},{"url":"https://help.harmanpro.com/n1x33-updater","tags":["x_transferred"]},{"url":"https://help.harmanpro.com/n2x35-updater-hotfix","tags":["x_transferred"]},{"url":"https://help.harmanpro.com/n2x35a-updater-hotfix","tags":["x_transferred"]},{"url":"https://help.harmanpro.com/n2xx2-updater-hotfix","tags":["x_transferred"]},{"url":"https://help.harmanpro.com/n2xx2a-updater","tags":["x_transferred"]},{"url":"https://help.harmanpro.com/svsi-n4321-firmware","tags":["x_transferred"]},{"url":"https://help.harmanpro.com/n3k-updater-hotfix","tags":["x_transferred"]},{"url":"https://wiki.notveg.ninja/blog/CVE-2023-38523/","tags":["x_transferred"]}]},{"affected":[{"vendor":"samsung","product":"harman_amx_n_series","cpes":["cpe:2.3:a:samsung:harman_amx_n_series:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThan":"1.15.61","versionType":"custom"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-10-28T13:19:43.573085Z","id":"CVE-2023-38523","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-10-28T13:40:56.196Z"}}]}}