{"dataType":"CVE_RECORD","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-43844","assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","dateUpdated":"2025-02-13T15:46:50.933Z","datePublished":"2024-05-28T18:17:28.492Z","dateReserved":"2023-09-25T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2024-05-28T18:17:28.798Z"},"descriptions":[{"lang":"en","value":"Aten PE6208 2.3.228 and 2.4.232 have default credentials for the privileged web interface account. The user is not asked to change the credentials after first login. If not changed, attackers can log in to the web interface and gain administrator privileges."}],"affected":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}],"references":[{"url":"https://github.com/setersora/pe6208"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"n/a"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T19:52:11.495Z"},"title":"CVE Program Container","references":[{"url":"https://github.com/setersora/pe6208","tags":["x_transferred"]}]},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-1392","lang":"en","description":"CWE-1392 Use of Default Credentials"}]}],"affected":[{"vendor":"aten","product":"pe6208_firmware","cpes":["cpe:2.3:o:aten:pe6208_firmware:2.4.232:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"2.4.232","status":"affected"}]},{"vendor":"aten","product":"pe6208_firmware","cpes":["cpe:2.3:o:aten:pe6208_firmware:2.3.228:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"2.3.228","status":"affected"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":8,"attackVector":"ADJACENT_NETWORK","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-08-22T19:20:52.664893Z","id":"CVE-2023-43844","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-08-22T19:22:50.641Z"}}]},"dataVersion":"5.1"}