Vulnerability Details CVE-2023-27409
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A path traversal vulnerability was found in the `deviceinfo` binary via the `mac` parameter. This could allow an authenticated attacker with access to the SSH interface on the affected device to read the contents of any file named `address`.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.1%
CVSS Severity
CVSS v3 Score 2.5
References
Products affected by CVE-2023-27409
-
cpe:2.3:h:siemens:scalance_lpe9403:-
-
cpe:2.3:o:siemens:scalance_lpe9403_firmware:-
-
cpe:2.3:o:siemens:scalance_lpe9403_firmware:2.0