CVE-2023-3264

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 14, 2023

Updated: Aug 25, 2023

CWE ID 787

CWE ID 122

Summary

CVE-2023-3264: This vulnerability affects the Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier. The device uses hard-coded credentials for accessing its internal Postgres database, making it susceptible to attacks. Malicious agents with operating system command execution capabilities can exploit this vulnerability, leading to unauthorized read, modification, or deletion of database records.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/renWjF
https://www.cve.org/CVERecord?id=CVE-2023-3264
https://nvd.nist.gov/vuln/detail/CVE-2023-3264

Back to Vulnerability Database

CVE-2023-3264

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations