exploitDog

GHSA-xp6h-v5w9-gwqx

Published: 13 Jul 2022
Source: github
GitHub: Unreviewed
CVSS4: 5.3
CVSS3: 5.5

Description

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions), SICAM GridEdge Essential Intel (All versions < V2.7.3), SICAM GridEdge Essential with GDS ARM (All versions), SICAM GridEdge Essential with GDS Intel (All versions < V2.7.3). Affected software uses an improperly protected file to import SSH keys. Attackers with access to the filesystem of the host on which SICAM GridEdge runs are able to inject a custom SSH key into that file.

EPSS

Percentile: 38%
0.00166
Low

5.3 Medium

CVSS4

5.5 Medium

CVSS3

Weaknesses

CWE-552
CWE-668

Related vulnerabilities

CVSS3: 6.3
nvd
more than 3 years ago

A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.7.3). The affected application uses an improperly protected file to import SSH keys. This could allow attackers with access to the filesystem of the host on which SICAM GridEdge runs to inject a custom SSH key into that file.

CVSS3: 6.3
fstec
more than 3 years ago

Vulnerability in the SSH key import function of the multifunction measuring devices SICAM GridEdge Essential ARM (6MD7881-2AA30), SICAM GridEdge Essential Intel (6MD7881-2AA40), SICAM GridEdge Essential Intel (6MD7881-2AA40), SICAM GridEdge Essential with GDS Intel (6MD7881-2AA20), allowing an attacker to execute arbitrary code
