Описание
An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:sealevel:seaconnect_370w_firmware:1.3.34:*:*:*:*:*:*:*
cpe:2.3:h:sealevel:seaconnect_370w:-:*:*:*:*:*:*:*
EPSS
Процентиль: 32%
0.00125
Низкий
7.4 High
CVSS3
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-311
CWE-311
Связанные уязвимости
CVSS3: 5.9
github
почти 4 года назад
An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted man-in-the-middle attack can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
EPSS
Процентиль: 32%
0.00125
Низкий
7.4 High
CVSS3
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-311
CWE-311