ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition.
References
Link | Resource |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-01 | Patch Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
History
28 Dec 2023, 19:26
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-23 22:15
Updated : 2024-02-05 00:01
NVD link : CVE-2023-3453
Mitre link : CVE-2023-3453
CVE.ORG link : CVE-2023-3453
JSON object : View
Products Affected
etictelecom
- rfm-e
- ras-ec-400-lw
- ras-ew-100
- ras-e-220
- ras-c-100-lw
- ras-ec-220-lw
- ras-ew-220
- ras-e-100
- remote_access_server_firmware
- ras-ec-480-lw
- ras-ecw-400-lw
- ras-ew-400
- ras-ecw-220-lw
- ras-e-400
CWE
CWE-1188
Insecure Default Initialization of Resource