How severe is CVE-2023-39467?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2023-39467?

This is classified as CWE-219, which is a common weakness in software security.

CVE-2023-39467 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of certificate web directory. The issue results from the exposure of sensitive information in the application webroot. An attacker can leverage this vulnerability to disclose sensitive information. Was ZDI-CAN-20798.

Related Vulnerabilities

CVE-2002-2024

MEDIUM

CVSS:5.3(Medium)

Horde IMP 2.2.7 allows remote attackers to obtain the full web root pathname via an HTTP request for (1) poppassd.php3, (2) login.php3?reason=chpass2, (3) spelling.php3, and (4) ldap.search.php3?ldap_...

CWE-2192002

CVE-2022-36306

MEDIUM

CVSS:6.5(Medium)

An authenticated attacker can enumerate and download sensitive files, including the eNodeB's web management UI's TLS private key, the web server binary, and the web server configuration file. These vu...

CWE-2192022

CVE-2022-21236

HIGH

CVSS:8.1(High)

An information disclosure vulnerability exists due to a web server misconfiguration in the Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a disclosure of sensitive ...

CWE-2192022