CVE-2023-41256

EUVD-2023-45773
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 are vulnerable to authentication bypass that could allow an unauthorized attacker to obtain user access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
icscertCNA
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Affected Products (NVD)
VendorProductVersion
doverfuelingsolutionsmaglink_lx_web_console_configuration
2.5.1
doverfuelingsolutionsmaglink_lx_web_console_configuration
2.5.2
doverfuelingsolutionsmaglink_lx_web_console_configuration
2.5.3
doverfuelingsolutionsmaglink_lx_web_console_configuration
2.6.1
doverfuelingsolutionsmaglink_lx_web_console_configuration
2.11
doverfuelingsolutionsmaglink_lx_web_console_configuration
3.0
doverfuelingsolutionsmaglink_lx_web_console_configuration
3.2
doverfuelingsolutionsmaglink_lx_web_console_configuration
3.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01
https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-01