Vulnerability Details CVE-2023-46664
Sielco PolyEco1000 is vulnerable to an improper access control vulnerability when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources behind protected pages.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.2%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-46664
-
cpe:2.3:h:sielco:polyeco1000:-
-
cpe:2.3:h:sielco:polyeco300:-
-
cpe:2.3:h:sielco:polyeco500:-
-
cpe:2.3:o:sielco:polyeco1000_firmware:1.9.3
-
cpe:2.3:o:sielco:polyeco1000_firmware:1.9.4
-
cpe:2.3:o:sielco:polyeco1000_firmware:10.19
-
cpe:2.3:o:sielco:polyeco1000_firmware:2.0.6
-
cpe:2.3:o:sielco:polyeco300_firmware:10.19
-
cpe:2.3:o:sielco:polyeco300_firmware:2.0.0
-
cpe:2.3:o:sielco:polyeco300_firmware:2.0.2
-
cpe:2.3:o:sielco:polyeco500_firmware:1.7.0
-
cpe:2.3:o:sielco:polyeco500_firmware:10.16