Vulnerability Details CVE-2023-0451
Econolite EOS versions prior to 3.2.23 lack a password
requirement for gaining “READONLY” access to log files and certain database and
configuration files. One such file contains tables with MD5 hashes and
usernames for all defined users in the control software, including
administrators and technicians.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.6%
CVSS Severity
CVSS v3 Score 7.5
References