Описание
Azure IoT Explorer Information Disclosure Vulnerability
Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network.
FAQ
What type of information could be disclosed by this vulnerability?
This vulnerability could allow an attacker on the same network to view IoT device telemetry that is sent through the affected WebSocket connection. The exposed data may include real‑time device readings, operational status information, or device‑specific metadata transmitted by the application. The exact information disclosed depends on the telemetry configured by the device.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Azure IoT Explorer |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
7.5 High
CVSS3
Связанные уязвимости
Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network.
Missing authentication for critical function in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network.
Уязвимость программного обеспечения Azure IoT Explorer, связанная с передачей критичной информации открытым текстом, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
7.5 High
CVSS3