CVE-2023-3803
LowCVSS 2.6Exploitation Probability (EPSS)
Low risk41th percentile — higher than 41% of all known CVEs
Summary
A vulnerability has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0 affecting an unknown part of the file /Service/ImageStationDataService.asmx. Manipulation of this part leads to insufficiently random values.
Risk Assessment
This vulnerability may lead to serious security issues, but the complexity of the attack is high, making exploitation difficult.
Recommendation
It is recommended to monitor this vulnerability and implement appropriate security measures to minimize the risk of exploitation.
Original NVD description (English source)
A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This affects an unknown part of the file /Service/ImageStationDataService.asmx of the component File Name Handler. The manipulation leads to insufficiently random values. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235071. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

