Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-31195

Summary
Assigner-jpcert
Assigner Org ID-ede6fdc4-6654-4307-a26d-3331c018e2ce
Published At-13 Jun, 2023 | 00:00
Updated At-03 Jan, 2025 | 19:39
Rejected At-
Credits

ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without 'Secure' attribute. When an attacker is in a position to be able to mount a man-in-the-middle attack, and a user is tricked to log into the affected device through an unencrypted ('http') connection, the user's session may be hijacked.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:jpcert
Assigner Org ID:ede6fdc4-6654-4307-a26d-3331c018e2ce
Published At:13 Jun, 2023 | 00:00
Updated At:03 Jan, 2025 | 19:39
Rejected At:
â–¼CVE Numbering Authority (CNA)

ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without 'Secure' attribute. When an attacker is in a position to be able to mount a man-in-the-middle attack, and a user is tricked to log into the affected device through an unencrypted ('http') connection, the user's session may be hijacked.

Affected Products
Vendor
ASUS (ASUSTeK Computer Inc.)ASUSTeK COMPUTER INC.
Product
ASUS Router RT-AX3000
Versions
Affected
  • Firmware versions prior to 3.0.0.4.388.23403
Problem Types
TypeCWE IDDescription
textN/ASensitive Cookie in HTTPS Session Without 'Secure' Attribute
Type: text
CWE ID: N/A
Description: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax3000/helpdesk_bios/?model2Name=RT-AX3000
N/A
https://jvn.jp/en/jp/JVN34232595/
N/A
Hyperlink: https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax3000/helpdesk_bios/?model2Name=RT-AX3000
Resource: N/A
Hyperlink: https://jvn.jp/en/jp/JVN34232595/
Resource: N/A
â–¼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax3000/helpdesk_bios/?model2Name=RT-AX3000
x_transferred
https://jvn.jp/en/jp/JVN34232595/
x_transferred
Hyperlink: https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax3000/helpdesk_bios/?model2Name=RT-AX3000
Resource:
x_transferred
Hyperlink: https://jvn.jp/en/jp/JVN34232595/
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-319CWE-319 Cleartext Transmission of Sensitive Information
Type: CWE
CWE ID: CWE-319
Description: CWE-319 Cleartext Transmission of Sensitive Information
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:vultures@jpcert.or.jp
Published At:13 Jun, 2023 | 10:15
Updated At:03 Jan, 2025 | 20:15

ASUS Router RT-AX3000 Firmware versions prior to 3.0.0.4.388.23403 uses sensitive cookies without 'Secure' attribute. When an attacker is in a position to be able to mount a man-in-the-middle attack, and a user is tricked to log into the affected device through an unencrypted ('http') connection, the user's session may be hijacked.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Secondary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
CPE Matches
ASUS (ASUSTeK Computer Inc.)
asus
>>rt-ax3000_firmware>>Versions before 3.0.0.4.388.23403(exclusive)
cpe:2.3:o:asus:rt-ax3000_firmware:*:*:*:*:*:*:*:*
ASUS (ASUSTeK Computer Inc.)
asus
>>rt-ax3000>>-
cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-319Primarynvd@nist.gov
CWE-319Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-319
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-319
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://jvn.jp/en/jp/JVN34232595/vultures@jpcert.or.jp
Third Party Advisory
https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax3000/helpdesk_bios/?model2Name=RT-AX3000vultures@jpcert.or.jp
Product
https://jvn.jp/en/jp/JVN34232595/af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax3000/helpdesk_bios/?model2Name=RT-AX3000af854a3a-2127-422b-91ae-364da2661108
Product
Hyperlink: https://jvn.jp/en/jp/JVN34232595/
Source: vultures@jpcert.or.jp
Resource:
Third Party Advisory
Hyperlink: https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax3000/helpdesk_bios/?model2Name=RT-AX3000
Source: vultures@jpcert.or.jp
Resource:
Product
Hyperlink: https://jvn.jp/en/jp/JVN34232595/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.asus.com/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-ax3000/helpdesk_bios/?model2Name=RT-AX3000
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Product

Change History

0
Information is not available yet

Similar CVEs

6Records found
CVE-2023-39086
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.06% / 19.04%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 00:00
Updated-10 Oct, 2024 | 20:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ASUS RT-AC66U B1 3.0.0.4.286_51665 was discovered to transmit sensitive information in cleartext.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-rt-ac66u_b1_firmwarert-ac66u_b1n/art-ac66u_b1
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2019-15911
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.67% / 71.54%
||
7 Day CHG~0.00%
Published-20 Dec, 2019 | 16:03
Updated-05 Aug, 2024 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 devices using ZigBee PRO. Because of insecure key transport in ZigBee communication, attackers can obtain sensitive information, cause the multiple denial of service attacks, take over smart home devices, and tamper with messages.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-ms-101_firmwarets-101_firmwarehg100ws-101_firmwarets-101dl-101_firmwarehg100_firmwaremw100_firmwaredl-101mw100as-101as-101_firmwarems-101ws-101n/a
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2024-53246
Matching Score-4
Assigner-Splunk Inc.
ShareView Details
Matching Score-4
Assigner-Splunk Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.07% / 22.23%
||
7 Day CHG~0.00%
Published-10 Dec, 2024 | 18:01
Updated-28 Feb, 2025 | 11:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sensitive Information Disclosure through SPL commands

In Splunk Enterprise versions below 9.3.2, 9.2.4, and 9.1.7 and Splunk Cloud Platform versions below 9.3.2408.101, 9.2.2406.106, 9.2.2403.111, and 9.1.2312.206, an SPL command can potentially disclose sensitive information. The vulnerability requires the exploitation of another vulnerability, such as a Risky Commands Bypass, for successful exploitation.

Action-Not Available
Vendor-Splunk LLC (Cisco Systems, Inc.)
Product-Splunk Cloud PlatformSplunk Enterprise
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2021-3003
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.16% / 36.38%
||
7 Day CHG~0.00%
Published-10 May, 2021 | 05:13
Updated-03 Aug, 2024 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Agenzia delle Entrate Desktop Telematico 1.0.0 contacts the jws.agenziaentrate.it server over cleartext HTTP, which allows man-in-the-middle attackers to spoof product updates.

Action-Not Available
Vendor-agenziaentraten/a
Product-desktop_telematicon/a
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2021-22923
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-5.3||MEDIUM
EPSS-0.07% / 20.67%
||
7 Day CHG~0.00%
Published-05 Aug, 2021 | 00:00
Updated-19 Nov, 2024 | 14:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user's expectations and intentions and without telling the user it happened.

Action-Not Available
Vendor-n/aNetApp, Inc.Oracle CorporationSiemens AGSplunk LLC (Cisco Systems, Inc.)CURLFedora Project
Product-h300eh500scloud_backuph300s_firmwareh410scurlh300suniversal_forwardersolidfiresinec_infrastructure_network_servicesh300e_firmwareclustered_data_ontaph500ehci_management_nodeh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwareh700eh700e_firmwareh700smysql_serverhttps://github.com/curl/curl
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2020-13528
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-3.1||LOW
EPSS-0.69% / 71.84%
||
7 Day CHG~0.00%
Published-17 Dec, 2020 | 23:38
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause information disclosure. An attacker can sniff the network to trigger this vulnerability.

Action-Not Available
Vendor-lantronixn/a
Product-xport_edge_firmwarexport_edgeLantronix
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
Details not found