Описание
Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses cleartext to exchange the username and password between server and client instances, which allows remote attackers to obtain sensitive information via a man in the middle attack.
Ссылки
- ExploitMitigationThird Party Advisory
- ExploitMitigationThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.0 (исключая)
cpe:2.3:a:contronics:homeputer_cl_studio_fur_homematic:*:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00287
Низкий
8.1 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-522
Связанные уязвимости
CVSS3: 8.1
github
больше 3 лет назад
Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses cleartext to exchange the username and password between server and client instances, which allows remote attackers to obtain sensitive information via a man in the middle attack.
EPSS
Процентиль: 52%
0.00287
Низкий
8.1 High
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-522