CVE-2023-40708 Vulnerability Details

  /     /     /  

CVE-2023-40708 Metadata Quick Info

CVE Published: 24/08/2023 | CVE Updated: 02/10/2024 | CVE Year: 2023
Source: Dragos | Vendor: OPTO 22 | Product: SNAP PAC S1
Status : PUBLISHED

---

CVE-2023-40708 Description

The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files.

Metrics

CVSS Version: 3.1 | Base Score: 5.8 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

l➤ Exploitability Metrics:
    Attack Vector (AV)* NETWORK
    Attack Complexity (AC)* LOW
    Privileges Required (PR)* NONE
    User Interaction (UI)* NONE
    Scope (S)* CHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* LOW
    Integrity Impact (I)* NONE
    Availability Impact (A)* NONE

Weakness Enumeration (CWE)

CWE-ID: CWE-1188
CWE Name: CWE-1188 Insecure Default Initialization of Resource
Source: OPTO 22

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).