{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-14T07:59:43.393","vulnerabilities":[{"cve":{"id":"CVE-2023-28901","sourceIdentifier":"cve@asrg.io","published":"2024-01-18T17:15:14.003","lastModified":"2024-11-21T07:56:14.760","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number."},{"lang":"es","value":"La nube de Skoda Automotive contiene una vulnerabilidad de control de acceso roto, que permite a atacantes remotos obtener datos de viajes recientes, kilometraje del vehículo, consumo de combustible, velocidad media y máxima y otra información de los usuarios del servicio Skoda Connect especificando un número VIN arbitrario del vehículo."}],"metrics":{"cvssMetricV31":[{"source":"cve@asrg.io","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"cve@asrg.io","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:skoda-auto:skoda_connect:-:*:*:*:*:*:*:*","matchCriteriaId":"52F83D74-D8F0-4D6C-B382-6E1ECE9373AF"}]}]}],"references":[{"url":"https://asrg.io/security-advisories/cve-2023-28901/","source":"cve@asrg.io","tags":["Third Party Advisory"]},{"url":"https://asrg.io/security-advisories/cve-2023-28901/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}