Описание
Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 9.4.620527004 (исключая)
Одновременно
cpe:2.3:o:secomea:sitemanager_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager:-:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00665
Низкий
9.1 Critical
CVSS3
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-284
CWE-863
Связанные уязвимости
github
больше 3 лет назад
Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware.
EPSS
Процентиль: 71%
0.00665
Низкий
9.1 Critical
CVSS3
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-284
CWE-863