CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-31238

A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60). Affected devices are missing cookie protection flags when using the default settings. An attacker who gains access to a session token can use it to impersonate a legitimate application user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.7%

CVSS Severity

CVSS v3 Score 5.5

References

https://cert-portal.siemens.com/productcert/pdf/ssa-480095.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-480095.pdf
https://cert-portal.siemens.com/productcert/pdf/ssa-887249.pdf

Products affected by CVE-2023-31238

Siemens » Q200 » Version: N/A

cpe:2.3:h:siemens:q200:-
Siemens » Q200 Firmware » Version: Any

cpe:2.3:o:siemens:q200_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-31238

Products

Pricing

Contact Us