exploitDog

CVE-2020-10053

Опубликовано: 09 нояб. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as database credentials in configuration files. A local attacker with access to the configuration files could use this information to launch further attacks.

Ссылки

https://cert-portal.siemens.com/productcert/pdf/ssa-145157.pdf
Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-145157.pdf
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:siemens:simatic_rtls_locating_manager:*:*:*:*:*:*:*:*

Версия до 2.12 (исключая)

EPSS

Процентиль: 6%

0.00025

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-312

Связанные уязвимости

GHSA-xcm6-w86x-xg6r

github

больше 3 лет назад

A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as database credentials in configuration files. A local attacker with access to the configuration files could use this information to launch further attacks.

EPSS

Процентиль: 6%

0.00025

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-312