Описание
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05
contains a cleartext transmission vulnerability which could allow an attacker to
steal the authentication secret from communication traffic to the device and reuse it for arbitrary requests.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:bakerhughes:bentley_nevada_3500_system_firmware:5.0.5:*:*:*:*:*:*:*
cpe:2.3:h:bakerhughes:bentley_nevada_3500_system:-:*:*:*:*:*:*:*
EPSS
Процентиль: 7%
0.00028
Низкий
6.8 Medium
CVSS3
8.2 High
CVSS3
Дефекты
CWE-319
CWE-319
Связанные уязвимости
CVSS3: 6.8
github
больше 2 лет назад
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a cleartext transmission vulnerability which could allow an attacker to steal the authentication secret from communication traffic to the device and reuse it for arbitrary requests.
EPSS
Процентиль: 7%
0.00028
Низкий
6.8 Medium
CVSS3
8.2 High
CVSS3
Дефекты
CWE-319
CWE-319