Approved changes feed: RSS · Atom

cpe:2.3:a:ailux:imx6_bundle:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorAilux (50182cad-1192-5ffc-ab9a-a97e4b9cc202)
ProductImx6 Bundle (7142fb17-6aa8-58ec-a94a-8c871b40123c)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-5457 vulnerable 2026-06-08 06:19:43.774135 Details available
HIGH (7.5)
A CWE-1269 “Product Released in Non-Release Configuration” vulnerability in the Django web framework used by the web application (due to the “debug” configuration parameter set to “True”) allows a remote unauthenticated attacker to access critical information and have other unspecified impacts to the confidentiality, integrity, and availability of the application. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
Published: 2024-03-05T11:15:01.811Z
Updated: 2024-08-23T20:20:12.620Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-5456 vulnerable 2026-06-08 06:19:43.772564 Details available
HIGH (8.1)
A CWE-798 “Use of Hard-coded Credentials” vulnerability in the MariaDB database of the web application allows a remote unauthenticated attacker to access the database service and all included data with the same privileges of the web application. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
Published: 2024-03-05T11:10:44.986Z
Updated: 2024-08-02T07:59:44.637Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-45600 vulnerable 2026-06-08 06:12:42.883485 Details available
MEDIUM (5.6)
A CWE-613 “Insufficient Session Expiration” vulnerability in the web application, due to the session cookie “sessionid” lasting two weeks, facilitates session hijacking attacks against victims. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
Published: 2024-03-05T11:35:39.567Z
Updated: 2024-08-12T17:30:54.064Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-45599 vulnerable 2026-06-08 06:12:42.882981 Details available
MEDIUM (5.5)
A CWE-646 “Reliance on File Name or Extension of Externally-Supplied File” vulnerability in the “iec61850” functionality of the web application allows a remote authenticated attacker to upload any arbitrary type of file into the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
Published: 2024-03-05T11:34:38.752Z
Updated: 2024-08-02T20:21:16.689Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-45598 vulnerable 2026-06-08 06:12:42.882388 Details available
MEDIUM (5.3)
A CWE-425 “Direct Request ('Forced Browsing')” vulnerability in the “measure” functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
Published: 2024-03-05T11:33:24.233Z
Updated: 2024-10-17T09:32:54.237Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-45597 vulnerable 2026-06-08 06:12:42.881883 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-45596 vulnerable 2026-06-08 06:12:42.881338 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-45595 vulnerable 2026-06-08 06:12:42.880800 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-45594 vulnerable 2026-06-08 06:12:42.880169 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-45593 vulnerable 2026-06-08 06:12:42.879774 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-45592 vulnerable 2026-06-08 06:12:42.879178 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-45591 vulnerable 2026-06-08 06:12:42.877778 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.