CVE-2023-29447

Description

An insufficiently protected credentials vulnerability in KEPServerEX could allow an adversary to capture user credentials as the web server uses basic authentication.

CVSS Version 3.1

nvd
CVE ID: CVE-2023-29447
Base Score: 5.3
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 1.6

dragos
CVE ID: CVE-2023-29447
Base Score: 5.7
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 2.1

Refrence: NVD MITRE

Description​

Description