CVE-2023-49957

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Dec 7, 2023

Updated: Dec 13, 2023

Summary

CVE-2023-49957 is a vulnerability affecting Dalmann OCPP.Core versions prior to 1.3.0 for Open Charge Point Protocol. Contrary to the expected protocol, this issue allows multiple transactions with the same connectorId and idTag, leading to potential transaction management and billing errors. Distinctively, the vendor does not view this as a problem, suggesting a scenario where two electric vehicles on the same account attempt to charge concurrently.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tq_4wV
https://www.cve.org/CVERecord?id=CVE-2023-49957
https://nvd.nist.gov/vuln/detail/CVE-2023-49957

Back to Vulnerability Database

CVE-2023-49957

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations