Описание
Unauthenticated users can access sensitive web URLs through GET request, which should be restricted to maintenance users only. A malicious attacker could use this sensitive information’s to launch further attacks on the system.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.8 (исключая)
Одновременно
cpe:2.3:o:sick:ftmg_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sick:ftmg:-:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00325
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-862
CWE-862
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
Unauthenticated users can access sensitive web URLs through GET request, which should be restricted to maintenance users only. A malicious attacker could use this sensitive information’s to launch further attacks on the system.
EPSS
Процентиль: 55%
0.00325
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-862
CWE-862