CVE-2023-4837

SmodBIP is vulnerable to Cross-Site Request Forgery, that could be used to induce logged in users to perform unintended actions, including creation of additional accounts with administrative privileges. 
This issue affects all versions of SmodBIP. SmodBIP is no longer maintained and the vulnerability will not be fixed.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CERT-PLCNA
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
VendorProductVersion
smodsmodbip
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://cert.pl/en/posts/2023/10/CVE-2023-4837/
https://cert.pl/posts/2023/10/CVE-2023-4837/
https://smod.pl/
https://cert.pl/en/posts/2023/10/CVE-2023-4837/
https://cert.pl/posts/2023/10/CVE-2023-4837/
https://smod.pl/