CVSS 3.1 Score 4.9 of 10 (medium)


Published Aug 9, 2023
Updated: Dec 14, 2023
CWE ID 311


CVE-2023-37858 is a vulnerability found in PHOENIX CONTACTs WP 6xxx series web panels prior to version 4.0.10. An authenticated remote attacker with admin privileges can exploit this vulnerability to read hardcoded cryptographic keys and decrypt an encrypted web application login password. The base severity of this vulnerability is medium, with a CVSS score of 4.9, and it poses a high confidentiality impact to organizations. To remediate this vulnerability, users should update their PHOENIX CONTACTs WP 6xxx series web panels to version 4.0.10 or later.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-37858 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options