CVE-2023-44037

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 14, 2023

Updated: Oct 19, 2023

CWE ID 312

Summary

CVE-2023-44037 is a vulnerability affecting ZPE Systems' Nodegrid OS versions 5.8.10-5.8.13 and 5.10.3-5.10.5. This issue enables a remote attacker to access sensitive information through the TACACS+ server component, potentially leading to unauthorized data theft. The precise nature of the vulnerability involves improper handling of TACACS+ packets, providing an attack vector for unauthenticated actors to extract confidential data. Users are advised to upgrade their Nodegrid OS to a patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

ZPE Systems

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/syX261
https://www.cve.org/CVERecord?id=CVE-2023-44037
https://nvd.nist.gov/vuln/detail/CVE-2023-44037

Back to Vulnerability Database

CVE-2023-44037

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations