Описание
Black Box KVM Firmware version 3.4.31307 on models ACR1000A-R-R2, ACR1000A-T-R2, ACR1002A-T, ACR1002A-R, and ACR1020A-T is vulnerable to path traversal, which may allow an attacker to steal user credentials and other sensitive information through local file inclusion.
Ссылки
- PatchThird Party AdvisoryUS Government Resource
- PatchThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:blackbox:acr1000a-r-r2_firmware:3.4.31307:*:*:*:*:*:*:*
cpe:2.3:h:blackbox:acr1000a-r-r2:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:blackbox:acr1000a-t-r2_firmware:3.4.31307:*:*:*:*:*:*:*
cpe:2.3:h:blackbox:acr1000a-t-r2:-:*:*:*:*:*:*:*
Конфигурация 3
Одновременно
cpe:2.3:o:blackbox:acr1002a-r_firmware:3.4.31307:*:*:*:*:*:*:*
cpe:2.3:h:blackbox:acr1002a-r:-:*:*:*:*:*:*:*
Конфигурация 4
Одновременно
cpe:2.3:o:blackbox:acr1002a-t_firmware:3.4.31307:*:*:*:*:*:*:*
cpe:2.3:h:blackbox:acr1002a-t:-:*:*:*:*:*:*:*
Конфигурация 5
Одновременно
cpe:2.3:o:blackbox:acr1020a-t_firmware:3.4.31307:*:*:*:*:*:*:*
cpe:2.3:h:blackbox:acr1020a-t:-:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00385
Низкий
7.5 High
CVSS3
Дефекты
CWE-22
Связанные уязвимости
CVSS3: 7.5
github
около 3 лет назад
Black Box KVM Firmware version 3.4.31307 on models ACR1000A-R-R2, ACR1000A-T-R2, ACR1002A-T, ACR1002A-R, and ACR1020A-T is vulnerable to path traversal, which may allow an attacker to steal user credentials and other sensitive information through local file inclusion.
EPSS
Процентиль: 59%
0.00385
Низкий
7.5 High
CVSS3
Дефекты
CWE-22