CVE-2023-34143 Vulnerability Details

  /     /     /  

CVE-2023-34143 Metadata Quick Info

CVE Published: 18/07/2023 | CVE Updated: 21/10/2024 | CVE Year: 2023
Source: Hitachi | Vendor: Hitachi | Product: Hitachi Device Manager
Status : PUBLISHED

CVE-2023-34143 Description

Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02.

Metrics

CVSS Version: 3.1 | Base Score: 5.6 MEDIUM
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

l➤ Exploitability Metrics:
    Attack Vector (AV)* NETWORK
    Attack Complexity (AC)* HIGH
    Privileges Required (PR)* NONE
    User Interaction (UI)* NONE
    Scope (S)* UNCHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* LOW
    Integrity Impact (I)* LOW
    Availability Impact (A)* LOW

Weakness Enumeration (CWE)

CWE-ID: CWE-297
CWE Name: CWE-297 Improper Validation of Certificate with Host Mismatch
Source: Hitachi

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID: CAPEC-94
CAPEC Description: CAPEC-94 Man in the Middle Attack


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2023-34143 Vulnerability Details