Описание
GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user.
Ссылки
- MitigationThird Party AdvisoryUS Government Resource
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 4.0.517 (исключая)
cpe:2.3:a:ge:ge_communicator:*:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00263
Низкий
9.8 Critical
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-798
CWE-798
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. This service is inaccessible to attackers if Windows default firewall settings are used by the end user.
EPSS
Процентиль: 49%
0.00263
Низкий
9.8 Critical
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-798
CWE-798