exploitDog

CVE-2018-15357

Опубликовано: 17 авг. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

An authenticated attacker with low privileges can extract password hash information for all users in Eltex ESP-200 firmware version 1.2.0.

Ссылки

https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-013-eltex-esp-200-router-information-disclosure/
Mitigation
Third Party Advisory
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/08/17/klcert-18-013-eltex-esp-200-router-information-disclosure/
Mitigation
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:eltex:esp-200_firmware:1.2.0:*:*:*:*:*:*:*

cpe:2.3:h:eltex:esp-200:-:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00424

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-687f-mfxq-m4c2

CVSS3: 6.5

github

больше 3 лет назад

An authenticated attacker with low privileges can extract password hash information for all users in Eltex ESP-200 firmware version 1.2.0.

EPSS

Процентиль: 62%

0.00424

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-200