Описание
An Improper Authentication issue was discovered in Envitech EnviDAS Ultimate Versions prior to v1.0.0.5. The web application lacks proper authentication which could allow an attacker to view information and modify settings or execute code remotely.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government ResourceVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government ResourceVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.0.4 (включая)
cpe:2.3:a:envitech:envidas_ultimate:*:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01344
Низкий
8.2 High
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-287
CWE-287
Связанные уязвимости
CVSS3: 8.2
github
больше 3 лет назад
An Improper Authentication issue was discovered in Envitech EnviDAS Ultimate Versions prior to v1.0.0.5. The web application lacks proper authentication which could allow an attacker to view information and modify settings or execute code remotely.
EPSS
Процентиль: 80%
0.01344
Низкий
8.2 High
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-287
CWE-287