CVE-2023-3761
LOWIntergard SGS 8.7.0 - Cleartext Transmission of Sensitive Information in Password Change Handler
Title source: llmDescription
A vulnerability was found in Intergard SGS 8.7.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Password Change Handler. The manipulation leads to cleartext transmission of sensitive information. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. VDB-234446 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References (3)
Core 3
Core References
Permissions Required exploit
media-coverage
https://youtu.be/bMJwSCps0Lc
Permissions Required, Third Party Advisory vdb-entry
technical-description
https://vuldb.com/?id.234446
Permissions Required, Third Party Advisory signature
permissions-required
https://vuldb.com/?ctiid.234446
Scores
CVSS v3
3.7
EPSS
0.0040
EPSS Percentile
31.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-319
Status
published
Products (1)
intergard/smartgard_silver_with_matrix_keyboard
8.7.0
Published
Jul 19, 2023
Tracked Since
Feb 18, 2026