Описание
Exposure of sensitive information in ekorCCP and ekorRCI, potentially allowing a remote attacker to obtain critical information from various .xml files, including .xml files containing credentials, without being authenticated within the web server.
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:ormazabal:ekorrci_firmware:601j:*:*:*:*:*:*:*
cpe:2.3:h:ormazabal:ekorrci:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:ormazabal:ekorccp_firmware:601j:*:*:*:*:*:*:*
cpe:2.3:h:ormazabal:ekorccp:-:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.00112
Низкий
8.2 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-200
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 8.2
github
больше 2 лет назад
** UNSUPPPORTED WHEN ASSIGNED ** Exposure of sensitive information in ekorCCP and ekorRCI, potentially allowing a remote attacker to obtain critical information from various .xml files, including .xml files containing credentials, without being authenticated within the web server.
EPSS
Процентиль: 30%
0.00112
Низкий
8.2 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-200
NVD-CWE-noinfo