Описание
Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an attacker to intercept/control the channel by which door lock policies are applied.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.4.125 (включая)
Одновременно
cpe:2.3:o:3xlogic:infinias_eidc32_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:3xlogic:infinias_eidc32:-:*:*:*:*:*:*:*
EPSS
Процентиль: 26%
0.00091
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-295
Связанные уязвимости
github
больше 3 лет назад
Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an attacker to intercept/control the channel by which door lock policies are applied.
EPSS
Процентиль: 26%
0.00091
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-295