exploitDog

CVE-2021-38422

Опубликовано: 03 нояб. 2021

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have extensive access to the application directory and escalate privileges.

Ссылки

https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02
Third Party Advisory
US Government Resource
https://us-cert.cisa.gov/ics/advisories/icsa-21-294-02
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:deltaww:dialink:*:*:*:*:*:*:*:*

Версия до 1.2.4.0 (включая)

EPSS

Процентиль: 5%

0.00023

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-312

Связанные уязвимости

GHSA-cc23-r63p-28wp

github

больше 3 лет назад

Delta Electronics DIALink versions 1.2.4.0 and prior stores sensitive information in cleartext, which may allow an attacker to have extensive access to the application directory and escalate privileges.

EPSS

Процентиль: 5%

0.00023

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-312