CVE-2023-31634

In TeslaMate before 1.27.2, there is unauthorized access to port 4000 for remote viewing and operation of user data. After accessing the IP address for the TeslaMate instance, an attacker can switch the port to 3000 to enter Grafana for remote operations. At that time, the default username and password can be used to enter the Grafana management console without logging in, a related issue to CVE-2022-23126.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/XC9409/CVE-2023-31634/blob/main/PoC
https://github.com/adriankumpf/teslamate/releases/tag/v1.27.2
https://github.com/XC9409/CVE-2023-31634/blob/main/PoC
https://github.com/adriankumpf/teslamate/releases/tag/v1.27.2

Configurations

No configuration.

History

No history.

Information

Published : 2024-03-27 06:15

Updated : 2024-11-21 08:02

NVD link : CVE-2023-31634

Mitre link : CVE-2023-31634

CVE.ORG link : CVE-2023-31634

JSON object : View

Products Affected

No product.

CWE

CWE-287

Improper Authentication

{"id": "CVE-2023-31634", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-03-27T06:15:08.807", "references": [{"url": "https://github.com/XC9409/CVE-2023-31634/blob/main/PoC", "source": "cve@mitre.org"}, {"url": "https://github.com/adriankumpf/teslamate/releases/tag/v1.27.2", "source": "cve@mitre.org"}, {"url": "https://github.com/XC9409/CVE-2023-31634/blob/main/PoC", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/adriankumpf/teslamate/releases/tag/v1.27.2", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "In TeslaMate before 1.27.2, there is unauthorized access to port 4000 for remote viewing and operation of user data. After accessing the IP address for the TeslaMate instance, an attacker can switch the port to 3000 to enter Grafana for remote operations. At that time, the default username and password can be used to enter the Grafana management console without logging in, a related issue to CVE-2022-23126."}, {"lang": "es", "value": "En TeslaMate anterior a 1.27.2, existe acceso no autorizado al puerto 4000 para visualizaci\u00f3n y operaci\u00f3n remota de los datos del usuario. Despu\u00e9s de acceder a la direcci\u00f3n IP de la instancia de TeslaMate, un atacante puede cambiar el puerto a 3000 para ingresar a Grafana para operaciones remotas. En ese momento, el nombre de usuario y la contrase\u00f1a predeterminados se pueden usar para ingresar a la consola de administraci\u00f3n de Grafana sin iniciar sesi\u00f3n, un problema relacionado con CVE-2022-23126."}], "lastModified": "2024-11-21T08:02:07.780", "sourceIdentifier": "cve@mitre.org"}