CVE-2023-4625
CVSS V2 None
CVSS V3 None
Description
Improper Restriction of Excessive Authentication Attempts vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F/iQ-R Series CPU modules Web server function allows a remote unauthenticated attacker to prevent legitimate users from logging into the Web server function for a certain period after the attacker has attempted to log in illegally by continuously attempting unauthorized login to the Web server function. The impact of this vulnerability will persist while the attacker continues to attempt unauthorized login.
Overview
- CVE ID
- CVE-2023-4625
- Assigner
- Mitsubishi
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-11-06T04:57:44.446Z
- Last Modified Date
- 2024-02-15T05:17:45.711Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-014_en.pdf | vendor-advisory |
| https://jvn.jp/vu/JVNVU94620134 | government-resource |
| https://www.cisa.gov/news-events/ics-advisories/icsa-23-306-02 | government-resource |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-4625 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4625 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-24 19:31:57 | Added to TrackCVE |