exploitDog

CVE-2019-10979

Опубликовано: 01 июл. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

SICK MSC800 all versions prior to Version 4.0, the affected firmware versions contain a hard-coded customer account password.

Ссылки

http://www.securityfocus.com/bid/108924
Third Party Advisory
VDB Entry
https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories
https://www.us-cert.gov/ics/advisories/icsa-19-178-04
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/108924
Third Party Advisory
VDB Entry
https://www.sick.com/de/en/service-and-support/the-sick-product-security-incident-response-team-sick-psirt/w/psirt/#advisories
https://www.us-cert.gov/ics/advisories/icsa-19-178-04
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:sick:msc800_firmware:*:*:*:*:*:*:*:*

Версия до 4.0 (исключая)

cpe:2.3:h:sick:msc800:-:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01627

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-798

CWE-798

Связанные уязвимости

GHSA-m5v2-9qv5-hvh2

CVSS3: 9.8

github

больше 3 лет назад

SICK MSC800 all versions prior to Version 4.0, the affected firmware versions contain a hard-coded customer account password.

EPSS

Процентиль: 81%

0.01627

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-798

CWE-798