exploitDog

CVE-2020-17483

Опубликовано: 16 дек. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

An improper access control vulnerability exists in Uffizio's GPS Tracker all versions that lead to sensitive information disclosure of all the connected devices. By visiting the vulnerable host at port 9000, we see it responds with a JSON body that has all the details about the devices which have been deployed.

Ссылки

https://www.cisa.gov/news-events/ics-advisories/icsa-21-287-02
Third Party Advisory
US Government Resource
https://www.uffizio.com/
Product
https://www.cisa.gov/news-events/ics-advisories/icsa-21-287-02
Third Party Advisory
US Government Resource
https://www.uffizio.com/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:uffizio:gps_tracker:*:*:*:*:*:*:*:*

EPSS

Процентиль: 42%

0.00199

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-jj8x-8hrh-x979

CVSS3: 7.5

github

около 2 лет назад

An improper access control vulnerability exists in Uffizio's GPS Tracker all versions that lead to sensitive information disclosure of all the connected devices. By visiting the vulnerable host at port 9000, we see it responds with a JSON body that has all the details about the devices which have been deployed.

EPSS

Процентиль: 42%

0.00199

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo