{"dataType":"CVE_RECORD","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-43845","assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","dateUpdated":"2025-02-13T15:46:51.444Z","datePublished":"2024-05-28T18:17:55.220Z","dateReserved":"2023-09-25T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2024-05-28T18:17:55.534Z"},"descriptions":[{"lang":"en","value":"Aten PE6208 2.3.228 and 2.4.232 have default credentials for the privileged telnet account. The user is not asked to change the credentials after first login. If not changed, attackers can log in to the telnet console and gain administrator privileges."}],"affected":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}],"references":[{"url":"https://github.com/setersora/pe6208"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"n/a"}]}]},"adp":[{"title":"CISA ADP Vulnrichment","metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":9.8,"attackVector":"NETWORK","baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"id":"CVE-2023-43845","role":"CISA Coordinator","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2024-05-30T18:53:14.621380Z"}}}],"affected":[{"cpes":["cpe:2.3:a:aten:pe6208:2.3.228:*:*:*:*:*:*:*"],"vendor":"aten","product":"pe6208","versions":[{"status":"affected","version":"2.3.228"}],"defaultStatus":"unknown"},{"cpes":["cpe:2.3:a:aten:pe6208:2.4.232:*:*:*:*:*:*:*"],"vendor":"aten","product":"pe6208","versions":[{"status":"affected","version":"2.4.232"}],"defaultStatus":"unknown"}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","cweId":"CWE-269","description":"CWE-269 Improper Privilege Management"}]}],"providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-04T17:26:05.322Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T19:52:11.392Z"},"title":"CVE Program Container","references":[{"url":"https://github.com/setersora/pe6208","tags":["x_transferred"]}]}]},"dataVersion":"5.1"}