Описание
Advantech iView, versions 5.6 and prior, has an improper authentication for critical function (CWE-306) issue. Successful exploitation of this vulnerability may allow an attacker to obtain the information of the user table, including the administrator credentials in plain text. An attacker may also delete the administrator account.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party Advisory
- Third Party AdvisoryUS Government Resource
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.6 (включая)
cpe:2.3:a:advantech:iview:*:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00336
Низкий
9.8 Critical
CVSS3
5 Medium
CVSS2
Дефекты
CWE-306
CWE-306
Связанные уязвимости
github
больше 3 лет назад
Advantech iView, versions 5.6 and prior, has an improper authentication for critical function (CWE-306) issue. Successful exploitation of this vulnerability may allow an attacker to obtain the information of the user table, including the administrator credentials in plain text. An attacker may also delete the administrator account.
EPSS
Процентиль: 56%
0.00336
Низкий
9.8 Critical
CVSS3
5 Medium
CVSS2
Дефекты
CWE-306
CWE-306