Описание
In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 1.04.07 (исключая)
Одновременно
cpe:2.3:o:honeywell:ip-ak2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:honeywell:ip-ak2:-:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00157
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-306
CWE-306
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data, which can be accessed without authentication over the network.
EPSS
Процентиль: 37%
0.00157
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-306
CWE-306