Описание
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exist in AccuSine PCS+ / PFV+ (Versions prior to V1.6.7) and AccuSine PCSn (Versions prior to V2.2.4) that could allow an authenticated attacker to access the device via FTP protocol.
Ссылки
- Not Applicable
- PatchVendor Advisory
- Not Applicable
Уязвимые конфигурации
Конфигурация 1Версия до 001.006.007 (исключая)
Одновременно
cpe:2.3:o:schneider-electric:accusine_pcsp_pfvp_firmware:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:schneider-electric:accusine_pcs\+:-:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:accusine_pfv\+:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 002.002.004 (исключая)
Одновременно
cpe:2.3:o:schneider-electric:accusine_pcsn_active_harmonic_filter_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:accusine_pcsn:-:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00544
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exist in AccuSine PCS+ / PFV+ (Versions prior to V1.6.7) and AccuSine PCSn (Versions prior to V2.2.4) that could allow an authenticated attacker to access the device via FTP protocol.
EPSS
Процентиль: 67%
0.00544
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-200