CVE-2023-38523 (GCVE-0-2023-38523)

Vulnerability from cvelistv5 – Published: 2023-07-20 00:00 – Updated: 2024-10-28 13:40
VLAI
Summary
The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115 Wallplate Video Encoder before 1.15.61, N-Series N1x22A Video Encoder/Decoder before 1.15.61, N-Series N1x33A Video Encoder/Decoder before 1.15.61, N-Series N1x33 Video Encoder/Decoder before 1.15.61, N-Series N2x35 Video Encoder/Decoder before 1.15.61, N-Series N2x35A Video Encoder/Decoder before 1.15.61, N-Series N2xx2 Video Encoder/Decoder before 1.15.61, N-Series N2xx2A Video Encoder/Decoder before 1.15.61, N-Series N3000 Video Encoder/Decoder before 2.12.105, and N-Series N4321 Audio Transceiver before 1.00.06.
Severity
No CVSS data available.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • n/a
Assigner
References
Impacted products
Vendor Product Version
samsung harman_amx_n_series Affected: 0 , < 1.15.61 (custom)
    cpe:2.3:a:samsung:harman_amx_n_series:*:*:*:*:*:*:*:*
 Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T17:46:56.632Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://help.harmanpro.com/n1115-svsi-firmware"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://help.harmanpro.com/n1x22a-updater"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://help.harmanpro.com/n1x33a-updater"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://help.harmanpro.com/n1x33-updater"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://help.harmanpro.com/n2x35-updater-hotfix"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://help.harmanpro.com/n2x35a-updater-hotfix"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://help.harmanpro.com/n2xx2-updater-hotfix"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://help.harmanpro.com/n2xx2a-updater"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://help.harmanpro.com/svsi-n4321-firmware"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://help.harmanpro.com/n3k-updater-hotfix"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://wiki.notveg.ninja/blog/CVE-2023-38523/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:samsung:harman_amx_n_series:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "harman_amx_n_series",
            "vendor": "samsung",
            "versions": [
              {
                "lessThan": "1.15.61",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-38523",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-28T13:19:43.573085Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-28T13:40:56.196Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115 Wallplate Video Encoder before 1.15.61, N-Series N1x22A Video Encoder/Decoder before 1.15.61, N-Series N1x33A Video Encoder/Decoder before 1.15.61, N-Series N1x33 Video Encoder/Decoder before 1.15.61, N-Series N2x35 Video Encoder/Decoder before 1.15.61, N-Series N2x35A Video Encoder/Decoder before 1.15.61, N-Series N2xx2 Video Encoder/Decoder before 1.15.61, N-Series N2xx2A Video Encoder/Decoder before 1.15.61, N-Series N3000 Video Encoder/Decoder before 2.12.105, and N-Series N4321 Audio Transceiver before 1.00.06."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-20T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://help.harmanpro.com/n1115-svsi-firmware"
        },
        {
          "url": "https://help.harmanpro.com/n1x22a-updater"
        },
        {
          "url": "https://help.harmanpro.com/n1x33a-updater"
        },
        {
          "url": "https://help.harmanpro.com/n1x33-updater"
        },
        {
          "url": "https://help.harmanpro.com/n2x35-updater-hotfix"
        },
        {
          "url": "https://help.harmanpro.com/n2x35a-updater-hotfix"
        },
        {
          "url": "https://help.harmanpro.com/n2xx2-updater-hotfix"
        },
        {
          "url": "https://help.harmanpro.com/n2xx2a-updater"
        },
        {
          "url": "https://help.harmanpro.com/svsi-n4321-firmware"
        },
        {
          "url": "https://help.harmanpro.com/n3k-updater-hotfix"
        },
        {
          "url": "https://wiki.notveg.ninja/blog/CVE-2023-38523/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-38523",
    "datePublished": "2023-07-20T00:00:00.000Z",
    "dateReserved": "2023-07-19T00:00:00.000Z",
    "dateUpdated": "2024-10-28T13:40:56.196Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-38523",
      "date": "2026-06-03",
      "epss": "0.00452",
      "percentile": "0.64064"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-38523\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-07-20T19:15:10.793\",\"lastModified\":\"2024-11-21T08:13:45.303\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115 Wallplate Video Encoder before 1.15.61, N-Series N1x22A Video Encoder/Decoder before 1.15.61, N-Series N1x33A Video Encoder/Decoder before 1.15.61, N-Series N1x33 Video Encoder/Decoder before 1.15.61, N-Series N2x35 Video Encoder/Decoder before 1.15.61, N-Series N2x35A Video Encoder/Decoder before 1.15.61, N-Series N2xx2 Video Encoder/Decoder before 1.15.61, N-Series N2xx2A Video Encoder/Decoder before 1.15.61, N-Series N3000 Video Encoder/Decoder before 2.12.105, and N-Series N4321 Audio Transceiver before 1.00.06.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn1115-wp-wh_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"242568EC-FB04-4F46-BC7A-038B9D530DC2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn1115-wp-wh:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DB36659-A010-42C5-981F-9C7F9904AAE9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn1122-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"142A8C5D-0501-490A-A1E5-15DED54284EA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn1122-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A84E890B-9AE9-417C-A32C-50D1D5F3CC07\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn1122-cd_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"1D290ECA-0892-43ED-91D8-35FECEBB9928\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn1122-cd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A5C46BA-B971-4E35-8983-06F593D3BE3E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn1222-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"AC7066FC-1C9B-4533-A5F3-B0711BF4CEAE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn1222-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28EFB251-90A2-4882-AC89-8973448B3BBA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn1222-cd_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"55DFB8F7-F867-4288-8A52-3AE2B175852A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn1222-cd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14B76C3D-0AFC-4BC8-B6F4-7C89164374F1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn1233-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"0CA5322B-A327-4E58-B1C1-E3AE108D6AD2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn1233-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2475E4E8-39A2-4D70-91B2-C6FB1C4E8719\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn1133-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"794A8F91-F018-4044-B8CD-4F22E42A4C22\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn1133-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2EFB60A-9C2B-4F3E-BE7A-30855C379678\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn1133-cd_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"8F0CD7F4-BC9C-45F0-80C3-AA9351233BA9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn1133-cd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99B5A1B6-37B5-4331-B9EA-91322DFF9420\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn1233-cd_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"C8EFFFB6-DCC7-4DD8-86B6-94233E3A293F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn1233-cd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1824025-72A6-4DF9-83FF-0BD4EFB1EF65\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn1133a-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"86942467-8B88-4E5C-B56C-58CCEF8C500E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn1133a-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AB98506-C4C2-43D6-B473-4D86CF0FEF6E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn1233a-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"AA7F3E13-2333-44EE-B996-F9C32F47EE31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn1233a-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"934869C3-3F82-4C7F-B6DB-A91EB32FCC1C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn1133a-cd_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"75259D4C-2B65-4AF3-BB63-8B639EC50794\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn1133a-cd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BA7341C-D2D7-4950-9D72-FB8162F63B5F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn1233a-cd_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"D3A1CD85-581B-49EF-B848-63F8B164D47B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn1233a-cd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"860824F9-A35E-4765-9A38-1D8099B85EBD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn2135-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"1F104BE9-0F1B-4905-B661-82F906566529\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn2135-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58C2595B-AACF-4250-BAD7-1C93621DFDF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn2235-cd_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"A7B3440E-0BB6-4CE2-B994-DFC4D0096468\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn2235-cd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"946DD963-3887-4D32-98CA-67D1C86BF882\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn2235-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"36261E2D-85C9-4EF7-941D-34B4B3895EB6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn2235-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48590652-74D5-4A7A-9A6E-A76F6A16012A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn2135-cd_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"0D88EB5B-39B1-40E7-AAB9-D82AF2FFB255\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn2135-cd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3773BEC6-F1EB-4CE5-85B1-B75205C929A2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn2122-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"AF24741B-C3B8-48BA-969D-1ED366814867\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn2122-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C6D57B9-A115-47EA-B4BD-3A091F98FC97\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn2222-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"4D76FF58-029B-4EE6-ADE7-08282E701EA3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn2222-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B34A169-692D-46C5-A2BC-518890D03E4B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn2212-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"32257B4F-2FE9-4994-ACCD-740296CDFD24\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn2212-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62D1EAC6-B2B0-418E-A3EA-B4B81ECC5C96\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn2122-cd_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"B8C475FF-85C5-4BDB-80E7-FD102AA9CAA5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn2122-cd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F3ACD46-6873-4F6C-9E63-A5B80C0FD961\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn2222-cd_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"0E26A9A1-B926-4697-A38F-F0DB7D2B43AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn2222-cd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54A5D48C-3988-4157-9516-C8A14C0AE768\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn2212-cd_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"52C84C09-CDD0-4A56-9D83-BCCEEF3E9D5C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn2212-cd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26DD7029-A1F9-4651-BD32-A10A0EDB2549\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn2222a-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"0870E86A-845B-47BF-9541-BD33046F5DF6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn2222a-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E7AAA0C-7CF1-4D61-8E15-A86B855D3A78\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn2122a-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"9636CB2B-75D0-4D0A-AC86-AA0452A3F952\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn2122a-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48755959-AF58-4410-8FF3-712AC42F6F43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn2122a-cd_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"B143678C-109E-4741-AA63-70A21E965102\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn2122a-cd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7920A98-2CD1-4CBF-B9F0-190D785ADEF3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn2222a-cd_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.15.61\",\"matchCriteriaId\":\"15078D0B-1652-4130-971B-A097603D85DA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn2222a-cd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"337E1D96-5092-46BF-9136-23836EBE661E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn3132a-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.12.105\",\"matchCriteriaId\":\"0F5FA567-6385-4BBE-BF38-385D7E87B796\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn3132a-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73815387-4443-4D80-9C9D-83624D97C6AC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn3132a-c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.12.105\",\"matchCriteriaId\":\"00328B78-F4DB-4D52-88D2-0176A1BCF94D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn3132a-c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4690EB3D-04C4-479C-9B62-CDE18F14E28E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn3232a-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.12.105\",\"matchCriteriaId\":\"C82AD426-4766-4C5C-9934-5ABC79C9EE45\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn3232a-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEA1B659-911F-4AB9-8C0F-1474BF430414\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn3232a-c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.12.105\",\"matchCriteriaId\":\"DCE2A4EE-DF2C-4B69-AC1E-1B8439DCC5C4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn3232a-c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D7D9170-5505-4A9B-B8E1-B839578EC4B6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn4321-sa_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.00.06\",\"matchCriteriaId\":\"37014A4D-36AB-40F7-AE7D-CB1E502E4A82\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn4321-sa:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A65D4D7-AD55-43A4-ADB6-763C978D6EBB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:fgn4321-cd_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.00.06\",\"matchCriteriaId\":\"4C151E3B-4616-44BF-8A86-37B34F891D6E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:samsung:fgn4321-cd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86EED9BA-4A77-4651-9E4D-DF3BB5E35E7F\"}]}]}],\"references\":[{\"url\":\"https://help.harmanpro.com/n1115-svsi-firmware\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n1x22a-updater\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n1x33-updater\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n1x33a-updater\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n2x35-updater-hotfix\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n2x35a-updater-hotfix\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n2xx2-updater-hotfix\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n2xx2a-updater\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n3k-updater-hotfix\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/svsi-n4321-firmware\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://wiki.notveg.ninja/blog/CVE-2023-38523/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://help.harmanpro.com/n1115-svsi-firmware\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n1x22a-updater\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n1x33-updater\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n1x33a-updater\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n2x35-updater-hotfix\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n2x35a-updater-hotfix\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n2xx2-updater-hotfix\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n2xx2a-updater\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/n3k-updater-hotfix\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://help.harmanpro.com/svsi-n4321-firmware\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://wiki.notveg.ninja/blog/CVE-2023-38523/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://help.harmanpro.com/n1115-svsi-firmware\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://help.harmanpro.com/n1x22a-updater\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://help.harmanpro.com/n1x33a-updater\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://help.harmanpro.com/n1x33-updater\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://help.harmanpro.com/n2x35-updater-hotfix\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://help.harmanpro.com/n2x35a-updater-hotfix\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://help.harmanpro.com/n2xx2-updater-hotfix\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://help.harmanpro.com/n2xx2a-updater\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://help.harmanpro.com/svsi-n4321-firmware\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://help.harmanpro.com/n3k-updater-hotfix\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://wiki.notveg.ninja/blog/CVE-2023-38523/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T17:46:56.632Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-38523\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-28T13:19:43.573085Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:samsung:harman_amx_n_series:*:*:*:*:*:*:*:*\"], \"vendor\": \"samsung\", \"product\": \"harman_amx_n_series\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.15.61\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-28T13:40:49.520Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://help.harmanpro.com/n1115-svsi-firmware\"}, {\"url\": \"https://help.harmanpro.com/n1x22a-updater\"}, {\"url\": \"https://help.harmanpro.com/n1x33a-updater\"}, {\"url\": \"https://help.harmanpro.com/n1x33-updater\"}, {\"url\": \"https://help.harmanpro.com/n2x35-updater-hotfix\"}, {\"url\": \"https://help.harmanpro.com/n2x35a-updater-hotfix\"}, {\"url\": \"https://help.harmanpro.com/n2xx2-updater-hotfix\"}, {\"url\": \"https://help.harmanpro.com/n2xx2a-updater\"}, {\"url\": \"https://help.harmanpro.com/svsi-n4321-firmware\"}, {\"url\": \"https://help.harmanpro.com/n3k-updater-hotfix\"}, {\"url\": \"https://wiki.notveg.ninja/blog/CVE-2023-38523/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This affects N-Series N1115 Wallplate Video Encoder before 1.15.61, N-Series N1x22A Video Encoder/Decoder before 1.15.61, N-Series N1x33A Video Encoder/Decoder before 1.15.61, N-Series N1x33 Video Encoder/Decoder before 1.15.61, N-Series N2x35 Video Encoder/Decoder before 1.15.61, N-Series N2x35A Video Encoder/Decoder before 1.15.61, N-Series N2xx2 Video Encoder/Decoder before 1.15.61, N-Series N2xx2A Video Encoder/Decoder before 1.15.61, N-Series N3000 Video Encoder/Decoder before 2.12.105, and N-Series N4321 Audio Transceiver before 1.00.06.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2023-07-20T00:00:00.000Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-38523\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-28T13:40:56.196Z\", \"dateReserved\": \"2023-07-19T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2023-07-20T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.