← back
CVE-2023-41088

Cleartext Transmission of Sensitive Information in DEXMA DEXGate

CVSS 6.3 MEDIUMEPSS 0.2%CWE-319
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.3EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
19 Oct 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker with access to the network, where clients have access to the DexGate server, could capture traffic. The attacker can later us the information within it to access the application.
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
Affected products
DEXMA · DexGate

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.cisa.gov/news-events/ics-advisories/icsa-23-271-02