CVE-2011-4723
Published: 20 December 2011
Summary
CVE-2011-4723 is a medium-severity Cleartext Storage of Sensitive Information (CWE-312) vulnerability in Dlink Dir-300 Firmware. Its CVSS base score is 5.7 (Medium).
Operationally, ranked in the top 5.5% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-28 (Protection of Information at Rest) and IA-5 (Authenticator Management).
Deeper analysis
The D-Link DIR-300 router is affected by CVE-2011-4723, a vulnerability in which the device stores passwords in cleartext. This issue is tracked under CWE-312 and received a CVSS 3.1 score of 5.7 with the vector AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.
Context-dependent attackers can leverage the flaw to obtain sensitive credential information. The attack requires adjacent network access and low privileges but results in high impact to confidentiality.
One reference URL points to the CISA Known Exploited Vulnerabilities catalog entry for this CVE, indicating that the issue has been observed in real-world exploitation and should be prioritized for remediation on affected devices.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2011-4641
Vulnerability details
The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers to obtain sensitive information via unspecified vectors.
- CWE(s)
- KEV Date Added
- 08 September 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires cryptographic protection of information at rest, eliminating the cleartext password storage flaw in the DIR-300.
Mandates secure authenticator management practices that preclude storing passwords in plaintext on the device.
Enforces access restrictions on the configuration store, limiting which processes or users can read the cleartext credentials.