{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-1731", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "state": "PUBLISHED", "assignerShortName": "CERTVDE", "dateReserved": "2023-03-30T15:06:41.196Z", "datePublished": "2023-04-24T13:36:03.117Z", "dateUpdated": "2025-02-04T19:16:58.162Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "LTOS", "vendor": "Meinberg", "versions": [{"lessThan": "7.06.013", "status": "affected", "version": "0.0.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Many thanks to Noam Moshe of Claroty for reporting this vulnerability."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "In Meinbergs LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.<br>"}], "value": "In Meinbergs LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2023-05-23T05:49:20.632Z"}, "references": [{"url": "https://www.meinbergglobal.com/english/news/meinberg-security-advisory-mbgsa-2023-02-lantime-firmware-v7-06-013.htm"}], "source": {"defect": ["CERT@VDE#64425"], "discovery": "UNKNOWN"}, "title": "Improper Input Validation in Meinberg LTOS", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:57:25.243Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.meinbergglobal.com/english/news/meinberg-security-advisory-mbgsa-2023-02-lantime-firmware-v7-06-013.htm", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-04T19:16:33.062158Z", "id": "CVE-2023-1731", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-04T19:16:58.162Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.meinbergglobal.com/english/news/meinberg-security-advisory-mbgsa-2023-02-lantime-firmware-v7-06-013.htm", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:57:25.243Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-1731", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-04T19:16:33.062158Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-04T19:16:51.664Z"}}], "cna": {"title": "Improper Input Validation in Meinberg LTOS", "source": {"defect": ["CERT@VDE#64425"], "discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Many thanks to Noam Moshe of Claroty for reporting this vulnerability."}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Meinberg", "product": "LTOS", "versions": [{"status": "affected", "version": "0.0.0", "lessThan": "7.06.013", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.meinbergglobal.com/english/news/meinberg-security-advisory-mbgsa-2023-02-lantime-firmware-v7-06-013.htm"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "In Meinbergs LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.\n", "supportingMedia": [{"type": "text/html", "value": "In Meinbergs LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "shortName": "CERTVDE", "dateUpdated": "2023-05-23T05:49:20.632Z"}}}, "cveMetadata": {"cveId": "CVE-2023-1731", "state": "PUBLISHED", "dateUpdated": "2025-02-04T19:16:58.162Z", "dateReserved": "2023-03-30T15:06:41.196Z", "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c", "datePublished": "2023-04-24T13:36:03.117Z", "assignerShortName": "CERTVDE"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:meinbergglobal:lantime_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8085F2DD-CD93-4D37-9567-62966EB45A12", "versionEndExcluding": "7.06.013", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:meinbergglobal:lantime_m100:-:*:*:*:*:*:*:*", "matchCriteriaId": "2541CE93-F4C4-453E-83AC-ED39D83571DF", "vulnerable": false}, {"criteria": "cpe:2.3:h:meinbergglobal:lantime_m200:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0C58392-64BE-4A64-9B43-F599D03CBD3E", "vulnerable": false}, {"criteria": "cpe:2.3:h:meinbergglobal:lantime_m300:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5FCA50A-2C6A-41ED-8E9D-38BA52C8428B", "vulnerable": false}, {"criteria": "cpe:2.3:h:meinbergglobal:lantime_m400:-:*:*:*:*:*:*:*", "matchCriteriaId": "51E5EFBE-3C3F-4386-A469-E190611A5A34", "vulnerable": false}, {"criteria": "cpe:2.3:h:meinbergglobal:lantime_m600:-:*:*:*:*:*:*:*", "matchCriteriaId": "46F4C7AA-30BB-402B-A21C-6FEEC919853C", "vulnerable": false}, {"criteria": "cpe:2.3:h:meinbergglobal:lantime_m900:-:*:*:*:*:*:*:*", "matchCriteriaId": "164CB3CF-F979-4591-8DF8-972123E216B0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In Meinbergs LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.\n"}], "id": "CVE-2023-1731", "lastModified": "2024-11-21T07:39:47.157", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "info@cert.vde.com", "type": "Secondary"}]}, "published": "2023-04-24T14:15:07.640", "references": [{"source": "info@cert.vde.com", "tags": ["Vendor Advisory"], "url": "https://www.meinbergglobal.com/english/news/meinberg-security-advisory-mbgsa-2023-02-lantime-firmware-v7-06-013.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.meinbergglobal.com/english/news/meinberg-security-advisory-mbgsa-2023-02-lantime-firmware-v7-06-013.htm"}], "sourceIdentifier": "info@cert.vde.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "info@cert.vde.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{}