CVE-2023-4523: Real Time Automation 460 Series Cross-site Scripting
First published: Wed Sep 27 2023(Updated: )
Real Time Automation 460 Series products with versions prior to v8.9.8 are vulnerable to cross-site scripting, which could allow an attacker to run any JavaScript reference from the URL string. If this were to occur, the gateway's HTTP interface would redirect to the main page, which is index.htm.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Real Time Automation 460 Series | <8.9.8 | |
| Real Time Automation 460 Series | ||
| Real Time Automation 460 Series | ||
| Real Time Automation 460 Series | ||
| Real Time Automation 460 Series | ||
| Real Time Automation 460 Series | ||
| All of | ||
| Real Time Automation 460 Series | <8.9.8 | |
| Any of | ||
| Real Time Automation 460 Series | ||
| Real Time Automation 460 Series | ||
| Real Time Automation 460 Series | ||
| Real Time Automation 460 Series | ||
| Real Time Automation 460 Series |
Remedy
Real Time Automation recommends users download and apply the new version of their product. To update the software, contact Real Time Automation directly for assistance.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-4523?
CVE-2023-4523 is a vulnerability found in Real Time Automation 460 Series products with versions prior to v8.9.8, which allows for cross-site scripting attacks.
What is the severity of CVE-2023-4523?
The severity of CVE-2023-4523 is critical with a severity value of 6.1.
How does CVE-2023-4523 affect Real Time Automation 460 Series products?
CVE-2023-4523 affects Real Time Automation 460 Series products with versions prior to v8.9.8, allowing attackers to execute arbitrary JavaScript code via cross-site scripting.
How can I fix CVE-2023-4523?
To fix CVE-2023-4523, it is recommended to update Real Time Automation 460 Series products to version v8.9.8 or later.
Where can I find more information about CVE-2023-4523?
More information about CVE-2023-4523 can be found at the following reference: [https://www.cisa.gov/news-events/ics-advisories/icsa-23-264-01](https://www.cisa.gov/news-events/ics-advisories/icsa-23-264-01)
- agent/type
- agent/author
- agent/severity
- agent/remedy
- agent/weakness
- agent/title
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/rtautomation
- canonical/real time automation 460 series