Описание
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk (V2.6.1 and prior), Wiser for KNX (V2.6.1 and prior), fellerLYnk (V2.6.1 and prior)
Ссылки
- Broken LinkPatchVendor Advisory
- Broken LinkPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.6.1 (включая)
Одновременно
cpe:2.3:o:schneider-electric:spacelynk_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:spacelynk:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 2.6.1 (включая)
Одновременно
cpe:2.3:o:schneider-electric:wiser_for_knx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:wiser_for_knx:-:*:*:*:*:*:*:*
Конфигурация 3Версия до 2.6.1 (включая)
Одновременно
cpe:2.3:o:schneider-electric:fellerlynk_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:fellerlynk:-:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00385
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-669
Связанные уязвимости
github
почти 4 года назад
A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could cause data exfiltration and unauthorized access when accessing a malicious website. Affected Product: spaceLYnk (V2.6.1 and prior), Wiser for KNX (V2.6.1 and prior), fellerLYnk (V2.6.1 and prior)
EPSS
Процентиль: 59%
0.00385
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-669