CVE-2023-4570

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Oct 5, 2023

Updated: Oct 12, 2023

CWE ID 79

Summary

CVE-2023-4570 is a newly identified vulnerability affecting the NI MeasurementLink Python services. This issue arises due to an inadequate access restriction, permitting an attacker on an adjacent network to access services that were previously assumed to be inaccessible, as they were running on localhost. The affected services are found in measurement plug-ins written in Python, utilizing version 1.1.0 of the ni-measurementlink-service Python package and all its predecessors.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Connections Docs

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s9depH
https://www.cve.org/CVERecord?id=CVE-2023-4570
https://nvd.nist.gov/vuln/detail/CVE-2023-4570

Back to Vulnerability Database

CVE-2023-4570

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations