Описание
A vulnerability was discovered in Siemens XHQ server 4 and 5 (4 before V4.7.1.3 and 5 before V5.0.0.2) that could allow an authenticated low-privileged remote user to gain read access to data in the XHQ solution exceeding his configured permission level.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.7.1.2 (включая)Версия до 5.0.0.1 (включая)
Одно из
cpe:2.3:a:siemens:xhq_server:*:*:*:*:*:*:*:*
cpe:2.3:a:siemens:xhq_server:*:*:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00168
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-284
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
A vulnerability was discovered in Siemens XHQ server 4 and 5 (4 before V4.7.1.3 and 5 before V5.0.0.2) that could allow an authenticated low-privileged remote user to gain read access to data in the XHQ solution exceeding his configured permission level.
EPSS
Процентиль: 38%
0.00168
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-284
NVD-CWE-noinfo