What is CVE-2023-26239?

CVE-2023-26239 is a vulnerability in WatchGuard EPDR 8.0.21.0002 where weak password check implementation allows obtaining credentials to access the management console as a non-privileged user.

How severe is CVE-2023-26239?

CVE-2023-26239 has a severity rating of 5.5 (Medium).

What software versions are affected by CVE-2023-26239?

The affected software versions for CVE-2023-26239 are WatchGuard EPDR 8.0.21.0002 up to exclusive version 8.00.22.0010.

How can I fix CVE-2023-26239?

To fix CVE-2023-26239, it is recommended to update to a version beyond 8.00.22.0010 and ensure a strong password check implementation.

Where can I find more information about CVE-2023-26239?

You can find more information about CVE-2023-26239 on the WatchGuard PSIRT advisory page: [WatchGuard PSIRT Advisory](https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00007).

Vulnerability/
CVE-2023-26239

medium

5.5

CWE

273

5/10/2023

19/9/2024

CVE-2023-26239

First published: Thu Oct 05 2023(Updated: )

An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Watchguard Epp Firmware	<8.00.22.0010
Watchguard Epp
Watchguard Edr Firmware	<8.00.22.0010
Watchguard Edr
Watchguard Epdr Firmware	<8.00.22.0010
WatchGuard EPDR
Watchguard Panda Ad360 Firmware	<8.00.22.0010
Watchguard Panda Ad360

Never miss a vulnerability like this again

Reference Links

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00007

Frequently Asked Questions

What is CVE-2023-26239?
CVE-2023-26239 is a vulnerability in WatchGuard EPDR 8.0.21.0002 where weak password check implementation allows obtaining credentials to access the management console as a non-privileged user.
How severe is CVE-2023-26239?
CVE-2023-26239 has a severity rating of 5.5 (Medium).
What software versions are affected by CVE-2023-26239?
The affected software versions for CVE-2023-26239 are WatchGuard EPDR 8.0.21.0002 up to exclusive version 8.00.22.0010.
How can I fix CVE-2023-26239?
To fix CVE-2023-26239, it is recommended to update to a version beyond 8.00.22.0010 and ensure a strong password check implementation.
Where can I find more information about CVE-2023-26239?
You can find more information about CVE-2023-26239 on the WatchGuard PSIRT advisory page: [WatchGuard PSIRT Advisory](https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2023-00007).

collector/nvd-api
collector/nvd-index
agent/type
agent/weakness
agent/references
agent/severity
agent/author
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
vendor/watchguard
canonical/watchguard epp firmware
canonical/watchguard epp
canonical/watchguard edr firmware
canonical/watchguard edr
canonical/watchguard epdr firmware
canonical/watchguard epdr
canonical/watchguard panda ad360 firmware
canonical/watchguard panda ad360

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.