Описание
Sielco PolyEco1000 is vulnerable to an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this via a specially crafted request to gain access to sensitive information.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:sielco:polyeco500_firmware:1.7.0:*:*:*:cpu:*:*:*
cpe:2.3:o:sielco:polyeco500_firmware:10.16:*:*:*:fpga:*:*:*
cpe:2.3:h:sielco:polyeco500:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
Одно из
cpe:2.3:o:sielco:polyeco300_firmware:2.0.0:*:*:*:cpu:*:*:*
cpe:2.3:o:sielco:polyeco300_firmware:2.0.2:*:*:*:cpu:*:*:*
cpe:2.3:o:sielco:polyeco300_firmware:10.19:*:*:*:fpga:*:*:*
cpe:2.3:h:sielco:polyeco300:-:*:*:*:*:*:*:*
Конфигурация 3
Одновременно
Одно из
cpe:2.3:o:sielco:polyeco1000_firmware:1.9.3:*:*:*:cpu:*:*:*
cpe:2.3:o:sielco:polyeco1000_firmware:1.9.4:*:*:*:cpu:*:*:*
cpe:2.3:o:sielco:polyeco1000_firmware:2.0.6:*:*:*:cpu:*:*:*
cpe:2.3:o:sielco:polyeco1000_firmware:10.19:*:*:*:fpga:*:*:*
cpe:2.3:h:sielco:polyeco1000:-:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00143
Низкий
7.5 High
CVSS3
Дефекты
CWE-284
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.5
github
больше 2 лет назад
Sielco PolyEco1000 is vulnerable to an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this via a specially crafted request to gain access to sensitive information.
EPSS
Процентиль: 35%
0.00143
Низкий
7.5 High
CVSS3
Дефекты
CWE-284
NVD-CWE-noinfo