CVE-2017-5137

Опубликовано: 05 фев. 2017

Источник: nvd

CVSS3: 6.2

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could request and download the SMS logs from an unauthenticated perspective.

Ссылки

http://www.securityfocus.com/bid/96031
Third Party Advisory
VDB Entry
https://niantech.io/blog/2017/02/05/vulns-multiple-vulns-in-sendquick-entera-avera-sms-gateway-appliances/
Third Party Advisory
URL Repurposed
http://www.securityfocus.com/bid/96031
Third Party Advisory
VDB Entry
https://niantech.io/blog/2017/02/05/vulns-multiple-vulns-in-sendquick-entera-avera-sms-gateway-appliances/
Third Party Advisory
URL Repurposed

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:sendquick:entera_sms_gateway_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sendquick:entera_sms_gateway:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:sendquick:avera_sms_gateway_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:sendquick:avera_sms_gateway:-:*:*:*:*:*:*:*

EPSS

Процентиль: 54%

0.00316

Низкий

6.2 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-532

Связанные уязвимости

GHSA-452r-r77c-2p69