CVE-2023-6259 - Vulnerability Details - OpenCVE

Insufficiently Protected Credentials, : Improper Access Control vulnerability in Brivo ACS100, ACS300 allows Password Recovery Exploitation, Bypassing Physical Security.This issue affects ACS100, ACS300: from 5.2.4 before 6.2.4.3.

No CVSS v4.0

Attack Vector Physical

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Brivo	Acs100 Acs100 Firmware Acs300 Acs300 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:brivo:acs100_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:brivo:acs100:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:brivo:acs300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:brivo:acs300:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://sra.io/advisories/
https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3

History

Tue, 01 Apr 2025 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Brivo Brivo acs100 Brivo acs100 Firmware Brivo acs300 Brivo acs300 Firmware
CPEs		cpe:2.3:h:brivo:acs100:-:::::::* cpe:2.3:h:brivo:acs300:::::::: cpe:2.3:o:brivo:acs100_firmware:::::::: cpe:2.3:o:brivo:acs300_firmware::::::::
Vendors & Products		Brivo Brivo acs100 Brivo acs100 Firmware Brivo acs300 Brivo acs300 Firmware

MITRE

Status: PUBLISHED

Assigner: SRA

Published: 2024-02-19T21:28:01.273Z

Updated: 2024-08-22T13:49:14.128Z

Reserved: 2023-11-22T17:16:35.993Z

Link: CVE-2023-6259

Vulnrichment

Updated: 2024-08-02T08:28:20.193Z

NVD

Status : Analyzed

Published: 2024-02-19T22:15:48.253

Modified: 2025-04-01T15:36:17.780

Link: CVE-2023-6259

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6259", "assignerOrgId": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "state": "PUBLISHED", "assignerShortName": "SRA", "dateReserved": "2023-11-22T17:16:35.993Z", "datePublished": "2024-02-19T21:28:01.273Z", "dateUpdated": "2024-08-22T13:49:14.128Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "product": "ACS100, ACS300", "vendor": "Brivo", "versions": [{"lessThan": "6.2.4.3", "status": "affected", "version": "5.2.4", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Gabe Siftar (SRA)"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Krzysztof Grochal (SRA)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Insufficiently Protected Credentials, : Improper Access Control vulnerability in Brivo ACS100, ACS300 allows Password Recovery Exploitation, Bypassing Physical Security.<p>This issue affects ACS100, ACS300: from 5.2.4 before 6.2.4.3.</p>"}], "value": "Insufficiently Protected Credentials, : Improper Access Control vulnerability in Brivo ACS100, ACS300 allows Password Recovery Exploitation, Bypassing Physical Security.This issue affects ACS100, ACS300: from 5.2.4 before 6.2.4.3.\n\n"}], "impacts": [{"capecId": "CAPEC-50", "descriptions": [{"lang": "en", "value": "CAPEC-50 Password Recovery Exploitation"}]}, {"capecId": "CAPEC-390", "descriptions": [{"lang": "en", "value": "CAPEC-390 Bypassing Physical Security"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-522", "description": "CWE-522 Insufficiently Protected Credentials", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "shortName": "SRA", "dateUpdated": "2024-02-21T14:48:34.059Z"}, "references": [{"url": "https://sra.io/advisories/"}, {"url": "https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3"}], "source": {"discovery": "UNKNOWN"}, "title": "Local Access to Sensitive Data in Brivo ACS100 and ACS300 ", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:20.193Z"}, "title": "CVE Program Container", "references": [{"url": "https://sra.io/advisories/", "tags": ["x_transferred"]}, {"url": "https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "brivo", "product": "acs100_firmware", "cpes": ["cpe:2.3:o:brivo:acs100_firmware:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.2.4", "status": "affected", "lessThan": "6.2.4.3", "versionType": "semver"}]}, {"vendor": "brivo", "product": "acs300_firmware", "cpes": ["cpe:2.3:o:brivo:acs300_firmware:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "5.2.4", "status": "affected", "lessThan": "6.2.4.3", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-22T13:28:12.374565Z", "id": "CVE-2023-6259", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-22T13:49:14.128Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sra.io/advisories/", "tags": ["x_transferred"]}, {"url": "https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:28:20.193Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6259", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-22T13:28:12.374565Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:brivo:acs100_firmware:*:*:*:*:*:*:*:*"], "vendor": "brivo", "product": "acs100_firmware", "versions": [{"status": "affected", "version": "5.2.4", "lessThan": "6.2.4.3", "versionType": "semver"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:brivo:acs300_firmware:*:*:*:*:*:*:*:*"], "vendor": "brivo", "product": "acs300_firmware", "versions": [{"status": "affected", "version": "5.2.4", "lessThan": "6.2.4.3", "versionType": "semver"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-22T13:49:04.737Z"}}], "cna": {"title": "Local Access to Sensitive Data in Brivo ACS100 and ACS300 ", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Gabe Siftar (SRA)"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Krzysztof Grochal (SRA)"}], "impacts": [{"capecId": "CAPEC-50", "descriptions": [{"lang": "en", "value": "CAPEC-50 Password Recovery Exploitation"}]}, {"capecId": "CAPEC-390", "descriptions": [{"lang": "en", "value": "CAPEC-390 Bypassing Physical Security"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "PHYSICAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Brivo", "product": "ACS100, ACS300", "versions": [{"status": "affected", "version": "5.2.4", "lessThan": "6.2.4.3", "versionType": "semver"}], "defaultStatus": "unknown"}], "references": [{"url": "https://sra.io/advisories/"}, {"url": "https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Insufficiently Protected Credentials, : Improper Access Control vulnerability in Brivo ACS100, ACS300 allows Password Recovery Exploitation, Bypassing Physical Security.This issue affects ACS100, ACS300: from 5.2.4 before 6.2.4.3.\n\n", "supportingMedia": [{"type": "text/html", "value": "Insufficiently Protected Credentials, : Improper Access Control vulnerability in Brivo ACS100, ACS300 allows Password Recovery Exploitation, Bypassing Physical Security.<p>This issue affects ACS100, ACS300: from 5.2.4 before 6.2.4.3.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-522", "description": "CWE-522 Insufficiently Protected Credentials"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284: Improper Access Control"}]}], "providerMetadata": {"orgId": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "shortName": "SRA", "dateUpdated": "2024-02-21T14:48:34.059Z"}}}, "cveMetadata": {"cveId": "CVE-2023-6259", "state": "PUBLISHED", "dateUpdated": "2024-08-22T13:49:14.128Z", "dateReserved": "2023-11-22T17:16:35.993Z", "assignerOrgId": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "datePublished": "2024-02-19T21:28:01.273Z", "assignerShortName": "SRA"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:brivo:acs100_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B6F89099-1C5B-40BC-8F21-1EDB1FA4815C", "versionEndExcluding": "6.2.4.3", "versionStartIncluding": "5.2.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:brivo:acs100:-:*:*:*:*:*:*:*", "matchCriteriaId": "B21FAE09-C308-4E75-87C0-15F6637D139C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:brivo:acs300_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E455B577-1BD1-45CA-B744-4459B18B9E99", "versionEndExcluding": "6.2.4.3", "versionStartIncluding": "5.2.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:brivo:acs300:*:*:*:*:*:*:*:*", "matchCriteriaId": "1EB2A50D-45A6-48B3-A2FA-90435F9638CF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Insufficiently Protected Credentials, : Improper Access Control vulnerability in Brivo ACS100, ACS300 allows Password Recovery Exploitation, Bypassing Physical Security.This issue affects ACS100, ACS300: from 5.2.4 before 6.2.4.3.\n\n"}, {"lang": "es", "value": "Credenciales insuficientemente protegidas: vulnerabilidad de control de acceso inadecuado en Brivo ACS100, ACS300 permite la explotaci\u00f3n de la recuperaci\u00f3n de contrase\u00f1as, evitando la seguridad f\u00edsica. Este problema afecta a ACS100, ACS300: desde 5.2.4 antes de 6.2.4.3."}], "id": "CVE-2023-6259", "lastModified": "2025-04-01T15:36:17.780", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 6.0, "source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-19T22:15:48.253", "references": [{"source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "tags": ["Third Party Advisory"], "url": "https://sra.io/advisories/"}, {"source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "tags": ["Release Notes"], "url": "https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://sra.io/advisories/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://support.brivo.com/l/en/article/g82txdwepa-brivo-firmware-release-notes#brivo_firmware_release_6_2_4_3"}], "sourceIdentifier": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}, {"lang": "en", "value": "CWE-522"}], "source": "57dba5dd-1a03-47f6-8b36-e84e47d335d8", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-522"}], "source": "nvd@nist.gov", "type": "Primary"}]}