CVE-2020-11641

Опубликовано: 15 окт. 2020

Источник: nvd

CVSS3: 7.7

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows authenticated users to read sensitive files from SiteManager instances.

Ссылки

https://us-cert.cisa.gov/ics/advisories/icsa-20-273-03
Third Party Advisory
US Government Resource
https://www.br-automation.com/downloads_br_productcatalogue/assets/1600003183751-de-original-1.0.pdf
Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-273-03
Third Party Advisory
US Government Resource
https://www.br-automation.com/downloads_br_productcatalogue/assets/1600003183751-de-original-1.0.pdf
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:br-automation:sitemanager:*:*:*:*:*:*:*:*

Версия до 9.2.620236042 (исключая)

EPSS

Процентиль: 45%

0.00224

Низкий

7.7 High

CVSS3

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-552

Связанные уязвимости

GHSA-446x-9cwq-39mx

CVSS3: 6.5

github

больше 3 лет назад

A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows authenticated users to read sensitive files from SiteManager instances.

EPSS

Процентиль: 45%

0.00224

Низкий

7.7 High

CVSS3

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-552