Описание
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unused function that allows an authenticated attacker to use up all available IPs of an account and thus not allow creation of new devices and users.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.6.2 (включая)Версия до 2.6.2 (включая)
Одно из
cpe:2.3:a:mbconnectline:mbconnect24:*:*:*:*:*:*:*:*
cpe:2.3:a:mbconnectline:mymbconnect24:*:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.00362
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-400
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unused function that allows an authenticated attacker to use up all available IPs of an account and thus not allow creation of new devices and users.
EPSS
Процентиль: 58%
0.00362
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-400