Описание
An issue was discovered on Eaton UPS 9PX 8000 SP devices. The appliance discloses the SNMP version 3 user's password. The web page displayed by the appliance contains the password in cleartext. Passwords of the read and write users could be retrieved by browsing the source code of the webpage.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:eaton:9px_ups_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:eaton:9px_ups:-:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00309
Низкий
4.9 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-522
Связанные уязвимости
CVSS3: 4.9
github
больше 3 лет назад
An issue was discovered on Eaton UPS 9PX 8000 SP devices. The appliance discloses the SNMP version 3 user's password. The web page displayed by the appliance contains the password in cleartext. Passwords of the read and write users could be retrieved by browsing the source code of the webpage.
EPSS
Процентиль: 54%
0.00309
Низкий
4.9 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-522