exploitDog

CVE-2016-8371

Опубликовано: 05 апр. 2018

Источник: nvd

CVSS3: 7.3

CVSS2: 7.5

EPSS Средний

Описание

The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.

Ссылки

http://www.securityfocus.com/bid/94163
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-313-01
Third Party Advisory
US Government Resource
https://www.exploit-db.com/exploits/45590/
http://www.securityfocus.com/bid/94163
Third Party Advisory
VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-313-01
Third Party Advisory
US Government Resource
https://www.exploit-db.com/exploits/45590/

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:phoenixcontact:ilc_plcs_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:phoenixcontact:ilc_plcs:-:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.12534

Средний

7.3 High

CVSS3

7.5 High

CVSS2

Дефекты

CWE-592

CWE-287

Связанные уязвимости

GHSA-vprp-wv7r-hv9r

CVSS3: 7.3

github

больше 3 лет назад

The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.

EPSS

Процентиль: 94%

0.12534

Средний

7.3 High

CVSS3

7.5 High

CVSS2

Дефекты

CWE-592

CWE-287