Описание
Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to trigger a function that could reboot the CompactRIO (Driver versions prior to 20.5) remotely.
Ссылки
- MitigationThird Party AdvisoryUS Government Resource
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 20.5 (исключая)
Одновременно
cpe:2.3:o:ni:compactrio_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:ni:compactrio:-:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00244
Низкий
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
CWE-732
CWE-732
Связанные уязвимости
github
больше 3 лет назад
Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to trigger a function that could reboot the CompactRIO (Driver versions prior to 20.5) remotely.
EPSS
Процентиль: 47%
0.00244
Низкий
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
CWE-732
CWE-732