CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-47800

Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the Microsoft SQL Server service sa account, allowing a threat actor to perform remote code execution, data exfiltration, or other nefarious actions such as tampering with data or destroying/disrupting MSSQL services.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.037

EPSS Ranking 87.4%

CVSS Severity

CVSS v3 Score 9.8

References

https://partner.natus.com/m/7cd3bcca88e446d4/original/NeuroWorks-SleepWorks-Product-Security-Bulletin.pdf
https://www.trustwave.com/hubfs/Web/Library/Advisories_txt/TWSL2023-006.txt
https://partner.natus.com/m/7cd3bcca88e446d4/original/NeuroWorks-SleepWorks-Product-Security-Bulletin.pdf
https://www.trustwave.com/hubfs/Web/Library/Advisories_txt/TWSL2023-006.txt

Products affected by CVE-2023-47800

Natus » Neuroworks Eeg » Version: N/A

cpe:2.3:a:natus:neuroworks_eeg:-
Natus » Neuroworks Eeg » Version: 8.4

cpe:2.3:a:natus:neuroworks_eeg:8.4
Natus » Sleepworks » Version: N/A

cpe:2.3:a:natus:sleepworks:-
Natus » Sleepworks » Version: 8.4

cpe:2.3:a:natus:sleepworks:8.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-47800

Products

Pricing

Contact Us