CVE-2023-36497

Published Sep 11, 2023

Last updated 3 months ago

CVSS high 8.8

Overview

Description: Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 could allow a guest user to elevate to admin privileges.
Source: ics-cert@hq.dhs.gov
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

ics-cert@hq.dhs.gov: CWE-305

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C3C3D27-24CD-43C8-BE87-BDD72B25C767"
          },
          {
            "criteria": "cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D7C82DE-6F4D-4143-B0E9-D9ACD9C12AF3"
          },
          {
            "criteria": "cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "97DE034A-BDA6-4B51-A4CC-A680635949F0"
          },
          {
            "criteria": "cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D2E3F6F-8929-4323-B0E6-97A24A2EE708"
          },
          {
            "criteria": "cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:2.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "384A423B-2C17-43D4-991E-1A0324329147"
          },
          {
            "criteria": "cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6565920-179C-42BF-9AF2-1CE627ECD3F7"
          },
          {
            "criteria": "cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84206322-6805-40D5-BC95-254D669E644D"
          },
          {
            "criteria": "cpe:2.3:a:doverfuelingsolutions:maglink_lx_web_console_configuration:3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7737DE0-8334-49C2-A44F-9F47E0BE2438"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:doverfuelingsolutions:maglink_lx_3:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "766A65BA-C796-482B-A74B-BCE28D200AB9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References