How severe is CVE-2023-4985?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2023-4985?

This is classified as CWE-287, which is a common weakness in software security.

CVE-2023-4985

HIGH Year: 2023

CVSS v3 Score

7.8

High

CVSS v2 Score

4.6

Medium

Weakness Type

CWE-287

View all →

Vulnerability Description

A vulnerability classified as critical has been found in Supcon InPlant SCADA up to 20230901. Affected is an unknown function of the file Project.xml. The manipulation leads to improper authentication. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239796. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2011-4338

HIGH

CVSS:7.8(High)

Shaman 1.0.9: Users can add the line askforpwd=false to his shaman.conf file, without entering the root password in shaman. The next time shaman is run, root privileges are granted despite the fact th...

CWE-2872011

CVE-2013-5582

HIGH

CVSS:7.8(High)

Ammyy Admin 3.2 and earlier stores the client ID at a fixed memory location, which might make it easier for user-assisted remote attackers to bypass authentication by running a local program that extr...

CWE-2872013

CVE-2014-1867

HIGH

CVSS:7.8(High)

suPHP before 0.7.2 source-highlighting feature allows security bypass which could lead to arbitrary code execution

CWE-2872014

CVE-2014-8347

HIGH

CVSS:7.8(High)

An Authentication Bypass vulnerability exists in the MatchPasswordData function in DBEngine.dll in Filemaker Pro 13.03 and Filemaker Pro Advanced 12.04, which could let a malicious user obtain elevate...

CWE-2872014