{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T20:35:50.319","vulnerabilities":[{"cve":{"id":"CVE-2023-34998","sourceIdentifier":"talos-cna@cisco.com","published":"2023-09-05T17:15:09.153","lastModified":"2024-11-21T08:07:48.073","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary authentication. An attacker can sniff network traffic to trigger this vulnerability."},{"lang":"es","value":"Existe una vulnerabilidad de omisión de autenticación en la funcionalidad del motor OAS de Open Automation Software OAS Platform v18.00.0072. Una serie de solicitudes de red especialmente diseñadas pueden dar lugar a una autenticación arbitraria. Un atacante puede rastrear el tráfico de la red para desencadenar esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-319"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openautomationsoftware:oas_platform:18.00.0072:*:*:*:*:*:*:*","matchCriteriaId":"42650183-88E5-4F14-A46F-A6215E98B081"}]}]}],"references":[{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2023-1770","source":"talos-cna@cisco.com","tags":["Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1770","source":"talos-cna@cisco.com","tags":["Third Party Advisory"]},{"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2023-1770","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1770","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}