exploitDog

GHSA-f5pf-48x3-2gh6

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.3

Описание

Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

Ссылки

EPSS

Процентиль: 95%

0.2096

Средний

7.3 High

CVSS3

CVE ID

Дефекты

CWE-285

Связанные уязвимости

CVE-2016-4531

CVSS3: 7.3

nvd

больше 9 лет назад

Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

EPSS

Процентиль: 95%

0.2096

Средний

7.3 High

CVSS3

CVE ID

Дефекты

CWE-285