Launchpad CVE tracker

CVE 2023-4523

Real Time Automation 460 Series products with versions prior to v8.9.8 are vulnerable to cross-site scripting, which could allow an attacker to run any JavaScript reference from the URL string. If this were to occur, the gateway's HTTP interface would redirect to the main page, which is index.htm.

Related bugs and status

CVE-2023-4523 (Candidate) is related to these bugs:

Bug #2040137: exposing the EFI shell in Secure Boot mode can lead to security bypass

		In	Importance	Status
2040137	exposing the EFI shell in Secure Boot mode can lead to security bypass	edk2 (Ubuntu)	Undecided	Fix Released
2040137	exposing the EFI shell in Secure Boot mode can lead to security bypass	lxd (Ubuntu)	Undecided	New
2040137	exposing the EFI shell in Secure Boot mode can lead to security bypass	edk2 (Ubuntu Focal)	Undecided	Fix Released
2040137	exposing the EFI shell in Secure Boot mode can lead to security bypass	lxd (Ubuntu Focal)	Undecided	New
2040137	exposing the EFI shell in Secure Boot mode can lead to security bypass	edk2 (Ubuntu Noble)	Undecided	Fix Released
2040137	exposing the EFI shell in Secure Boot mode can lead to security bypass	lxd (Ubuntu Noble)	Undecided	New
2040137	exposing the EFI shell in Secure Boot mode can lead to security bypass	edk2 (Ubuntu Jammy)	Undecided	Fix Released
2040137	exposing the EFI shell in Secure Boot mode can lead to security bypass	lxd (Ubuntu Jammy)	Undecided	New
2040137	exposing the EFI shell in Secure Boot mode can lead to security bypass	edk2 (Ubuntu Mantic)	Undecided	Fix Released
2040137	exposing the EFI shell in Secure Boot mode can lead to security bypass	lxd (Ubuntu Mantic)	Undecided	New

See the

CVE page on Mitre.org for more details.

References

MISC: https://www.cisa.gov/n...

Launchpad.net

CVE 2023-4523

Related bugs and status

Related bugs

References