CVE-2023-5347 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CyberDanube	CNA	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 38%

Affected Products (NVD)

Vendor	Product	Version
korenix	jetnet_5310g_firmware	2.6
korenix	jetnet_4508_firmware	2.3
korenix	jetnet_4508i-w_firmware	1.3
korenix	jetnet_4508-w_firmware	2.3
korenix	jetnet_4508if-s_firmware	1.3
korenix	jetnet_4508if-m_firmware	1.3
korenix	jetnet_4508if-sw_firmware	1.3
korenix	jetnet_4508if-mw_firmware	1.3
korenix	jetnet_4508f-m_firmware	2.3
korenix	jetnet_4508f-s_firmware	2.3
korenix	jetnet_4508f-mw_firmware	2.3
korenix	jetnet_4508f-sw_firmware	2.3
korenix	jetnet_5620g-4c_firmware	1.1
korenix	jetnet_5612gp-4f_firmware	1.2
korenix	jetnet_5612g-4f_firmware	1.2
korenix	jetnet_5728g-24p-ac-2dc-us_firmware	2.1
korenix	jetnet_5728g-24p-ac-2dc-eu_firmware	2.1
korenix	jetnet_6528gf-2ac-eu_firmware	1.0
korenix	jetnet_6528gf-2ac-us_firmware	1.0
korenix	jetnet_6528gf-2dc24_firmware	1.0
korenix	jetnet_6528gf-2dc48_firmware	1.0
korenix	jetnet_6528gf-ac-eu_firmware	1.0
korenix	jetnet_6528gf-ac-us_firmware	1.0
korenix	jetnet_6628xp-4f-us_firmware	1.1
korenix	jetnet_6628x-4f-eu_firmware	1.0
korenix	jetnet_6728g-24p-ac-2dc-us_firmware	1.1
korenix	jetnet_6728g-24p-ac-2dc-eu_firmware	1.1
korenix	jetnet_6828gf-2dc48_firmware	1.0
korenix	jetnet_6828gf-2dc24_firmware	1.0
korenix	jetnet_6828gf-ac-dc24-us_firmware	1.0
korenix	jetnet_6828gf-2ac-us_firmware	1.0
korenix	jetnet_6828gf-ac-us_firmware	1.0
korenix	jetnet_6828gf-2ac-au_firmware	1.0
korenix	jetnet_6828gf-ac-dc24-eu_firmware	1.0
korenix	jetnet_6828gf-2ac-eu_firmware	1.0
korenix	jetnet_6910g-m12_hvdc_firmware	1.0
korenix	jetnet_7310g-v2_firmware	1.0
korenix	jetnet_7628xp-4f-us_firmware	1.0
korenix	jetnet_7628xp-4f-us_firmware	1.1
korenix	jetnet_7628xp-4f-eu_firmware	1.0
korenix	jetnet_7628xp-4f-eu_firmware	1.1
korenix	jetnet_7628x-4f-us_firmware	1.0
korenix	jetnet_7628x-4f-eu_firmware	1.0
korenix	jetnet_7714g-m12_hvdc_firmware	1.0

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.
CWE-347 - Improper Verification of Cryptographic Signature
The software does not verify, or incorrectly verifies, the cryptographic signature for data.

References

http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html

http://seclists.org/fulldisclosure/2024/Jan/11

https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/

https://www.beijerelectronics.com/en/support/Help___online?docId=69947

http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html

http://seclists.org/fulldisclosure/2024/Jan/11

https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/

https://www.beijerelectronics.com/en/support/Help___online?docId=69947