CVE-2023-5719

Severity: Critical
Year: 2023
CVSS v3 Score: 9.8 (Critical)

Vulnerability Description

The Crimson 3.2 Windows-based configuration tool allows users with administrative access to define new passwords for users and to download the resulting security configuration to a device. If such a password contains the percent (%) character, invalid values will be included, potentially truncating the string if a NUL is encountered. If the simplified password is not detected by the administrator, the device might be left in a vulnerable state as a result of more-easily compromised credentials. Note that passwords entered via the Crimson system web server do not suffer from this vulnerability.

CVSS:9.8(Critical)

Secomea GateManager, all versions prior to 9.2c: an attacker can send a negative value and overwrite arbitrary data.

CVSS:7.3(High)

jar: URLs retrieve local file content packaged in a ZIP archive. The null and everything after it was ignored when retrieving the content from the archive, but the fake extension after the null was us...

CVSS:6.8(Medium)

An authorized user may trigger crashes or receive the contents of buffer over-reads of Server memory by issuing specially crafted requests that construct malformed BSON in the MongoDB Server. This iss...

CVSS:6.7(Medium)

Select Dell Client Consumer and Commercial platforms include an issue that allows the BIOS Admin password to be changed through Dell's manageability interface without knowledge of the current BIOS Adm...

CVSS:6.5(Medium)

A user authorized to perform database queries may trigger a read overrun and access arbitrary memory by issuing specially crafted queries. This issue affects MongoDB Server v4.4 versions prior to 4.4....