PatchSiren

Solar-Log CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Solar-Log CVE published 2024-10-29

CVE-2023-46344

A cross-site scripting (XSS) vulnerability in Solar-Log Base 15 allows authenticated attackers to bypass access controls and gain unauthorized access. The vulnerability, published by CISA on October 29, 2024, affects Firmware_6.0.1_Build_161 with a CVSS 3.1 score of 5.4 (MEDIUM). Solar-Log has released Firmware 6.2.0-170 as a vendor fix.