CVE-2023-0822

HIGH

DIAEnergie <1.9.03.001 - Auth Bypass

Title source: llm
STIX 2.1

Description

The affected product DIAEnergie (versions prior to v1.9.03.001) contains improper authorization, which could allow an unauthorized user to bypass authorization and access privileged functionality.

References (1)

Core 1
Core References
Third Party Advisory, US Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-06

Scores

CVSS v3 8.8
EPSS 0.0063
EPSS Percentile 46.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-285 CWE-552
Status published
Products (1)
deltaww/diaenergie < 1.9.03.001
Published Feb 17, 2023
Tracked Since Feb 18, 2026