Unrated severityNVD Advisory· Published Jun 7, 2023· Updated Jan 6, 2025
CVE-2023-2187
CVE-2023-2187
Description
On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can send broadcast events to any user via the WebMonitor.An unauthenticated user can use this vulnerability to forcefully log out of any currently logged-in user by sending a "password change event". Furthermore, an attacker could use this vulnerability to spam the logged-in user with false events.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=5.01.03+ 1 more
- (no CPE)range: <=5.01.03
- (no CPE)range: 5.01.03
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.