Описание
Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and IdeaPLUS relays does not properly initialize padding fields in Ethernet packets, which allows remote attackers to obtain sensitive information by reading packet data.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:eaton:proview:4.0:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:eaton:proview:5.0.10:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00324
Низкий
5.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and IdeaPLUS relays does not properly initialize padding fields in Ethernet packets, which allows remote attackers to obtain sensitive information by reading packet data.
EPSS
Процентиль: 55%
0.00324
Низкий
5.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-200