CVE-2023-34437
EUVD-2023-3851319.10.2023, 00:15
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability in their password retrieval functionality which could allow an attacker to access passwords stored on the device.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| bakerhughes | bentley_nevada_3500_system_firmware | 5.0.5 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-732 - Incorrect Permission Assignment for Critical ResourceThe product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
- CWE-200 - Exposure of Sensitive Information to an Unauthorized ActorThe product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.