CVE-2023-0356 MEDIUM

CVE-2023-0356

Vendor Socomec

Product MODULYS GP

Weakness CWE-261

Published January 24, 2023

Last update January 16, 2025

View on NVD All CVEs

CVSS base score

5.7/10

Attack vector Adjacent

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information.

Key dates

02Disclosure timeline

January 24, 2023 CVE published

January 16, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-0356 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/261.html

Related vulnerabilities

CVE-2023-0356

01Description

02Disclosure timeline

03References

04Related CVE