Описание
Improper access control vulnerability exists in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier, which may allow a network-adjacent unauthenticated attacker to obtain a username and its hashed password displayed on the management page of the affected product.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до b0.1.9.1 (включая)
Одновременно
cpe:2.3:o:sharp:jh-rvb1_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sharp:jh-rvb1:*:*:*:*:*:*:*:*
Конфигурация 2Версия до b0.1.9.1 (включая)
Одновременно
cpe:2.3:o:sharp:jh-rv11_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:sharp:jh-rv11:*:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.0016
Низкий
6.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 6.5
github
больше 1 года назад
Improper access control vulnerability exists in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier, which may allow a network-adjacent unauthenticated attacker to obtain a username and its hashed password displayed on the management page of the affected product.
EPSS
Процентиль: 37%
0.0016
Низкий
6.5 Medium
CVSS3
Дефекты
NVD-CWE-noinfo