{"id": "CVE-2023-3263", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "trellixpsirt@trellix.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2023-08-14T05:15:09.833", "references": [{"url": "https://www.trellix.com/en-us/about/newsroom/stories/research/the-threat-lurking-in-data-centers.html", "tags": ["Vendor Advisory"], "source": "trellixpsirt@trellix.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}, {"type": "Secondary", "source": "trellixpsirt@trellix.com", "description": [{"lang": "en", "value": "CWE-289"}]}], "descriptions": [{"lang": "en", "value": "The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials.Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution."}], "lastModified": "2023-08-22T16:24:14.497", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4a-c10_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75AF2211-53B1-4F67-8297-5594354ECEE0", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4a-c10:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B786B2F4-6586-4E05-BDE9-DFDBA7BD3739"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4a-c20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70C45633-4466-4DA1-87BC-668E97C903B9", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4a-c20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C10BFD7F-0EDC-4CA0-9BEE-2CD0C83CAA05"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4a-n15_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BCFF66D-7D0E-4D88-A03F-3F2A1A6796B7", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4a-n15:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "82C1859A-0D39-4D69-B89F-E6AB92D71A38"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4a-n20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95E21D0F-14EE-4B5F-B88C-AEA69F218751", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4a-n20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "23BC31CA-2061-4141-8600-EF4A9AE7DD2A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4-c20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E2EB4DE-CA66-4D74-BCCE-EDDC4FB2CFD7", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4-c20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "12B9705B-B21D-450B-A62B-933DC81A19E1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4-n20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB9C4427-9857-4E60-8D72-20428271E6FC", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4-n20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "936B8451-A674-49D7-91EC-A03599A6D6AE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4sa-c10_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "828F1A3D-19FD-4304-86CC-422E6A36FA94", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4sa-c10:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CEBA453E-67D9-4760-89A6-6CF8C632C6A4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4sa-c20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62E22AE5-1F67-458A-A15E-D97ECBA22192", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4sa-c20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1139B205-02DA-4155-897C-F5D4191686A8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4sa-n15_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2580B4F-179A-4AEB-9761-700DC2D9D21E", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4sa-n15:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1469E464-6784-4B0B-9895-79BA5A1A1CB8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu4sa-n20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "945D8983-5B68-4317-A481-0F1672939CAB", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu4sa-n20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A017B904-A3C4-4070-96F7-9679FD2383C9"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-2c10_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E279B412-EE14-419E-A5C8-71CE9A2007A5", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-2c10:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "518EE433-9E08-40FE-90F7-48E8AC934743"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-2c20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DED62B20-FBF2-43B0-AB69-9301CBB2BA23", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-2c20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A1C46D12-6699-4BAC-AC47-7B150AECAF9B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-2n15_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CB3A4AF-E802-420F-80EE-A3E89D862CD2", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-2n15:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "58CE9F4A-74BD-4AFC-B019-5D750E2D1E16"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-2n20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "169B8589-3268-4D47-9947-D2353E05EDFE", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-2n20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0DFC4885-AF94-471E-AE4E-DD26A6A91667"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-c10_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1518F9D6-DFB2-4A24-947A-C7B03DBE0D3A", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-c10:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5042C3C1-3964-437B-98C1-0458F73B7197"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-c20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF27BF0A-3105-4508-9F9D-5B7AAFC6BFD4", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-c20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1522EB30-AB31-47E3-B2EB-90CE231C284B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-n15_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2568F56-2285-4D3F-ADD2-0D502774F9CF", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-n15:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "56E2CAAD-8A4D-4F1A-AEF0-034C02965935"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8a-n20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA8A8BB2-BBDF-41AB-AFFD-40A42C40DC30", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8a-n20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2B1D3E7F-9C2F-48F8-BF49-539570A0986A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8sa-2n15_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEDC5FD0-5677-4219-85B8-C797BD4246A2", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8sa-2n15:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ACA11FBB-1B4C-4F66-89EF-2D91C0161C4C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8sa-c10_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA54E12D-29DD-448A-B9DB-62449DBEC68F", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8sa-c10:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EBD2B738-620D-42F8-881C-A6B293B724BA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8sa-n15_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30C50080-1D24-4D2D-A0DF-AF7D80FFD513", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8sa-n15:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E1A43409-AF18-4BD5-A0D4-D27CDD6ABBE6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dataprobe:iboot-pdu8sa-n20_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD655BA7-113E-4071-832E-8ECB38F10E14", "versionEndExcluding": "1.44.0804202"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dataprobe:iboot-pdu8sa-n20:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B64FEC33-D6D9-4F4C-BE43-31D637E6B01F"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "trellixpsirt@trellix.com"}
