CVE-2023-41084

Published on: Not Yet Published

Last Modified on: 09/19/2023 03:37:00 AM UTC

CVE-2023-41084 - advisory for ICSA-23-250-03

Certain versions of MODULYS GP MOD3GP-SY-120K from Socomec contain the following vulnerability:

** UNSUPPPORTED WHEN ASSIGNED ** Session management within the web application is incorrect and allows attackers to steal session cookies to perform a multitude of actions that the web app allows on the device.

CVE-2023-41084 has been assigned by [email protected] to track the vulnerability
Affected Vendor/Software: Socomec - MODULYS GP (MOD3GP-SY-120K) version = v01.12.10

CVE References

Description	Tags ^ⓘ	Link
Socomec MOD3GP-SY-120K \| CISA	www.cisa.gov text/html	MISC www.cisa.gov/news-events/ics-advisories/icsa-23-250-03

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

There are currently no QIDs associated with this CVE

Known Affected Software

Vendor	Product	Version
Socomec	MODULYS_GP_MOD3GP-SY-120K	= v01.12.10

No vendor comments have been submitted for this CVE