Описание
The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load.
EPSS
Процентиль: 40%
0.00183
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-288
Связанные уязвимости
CVSS3: 5.3
github
больше 1 года назад
The web server of affected devices do not properly authenticate user request to the '/ClientArea/RuntimeInfoData.mwsl' endpoint. This could allow an unauthenticated remote attacker to gain knowledge about current actual and configured maximum cycle times as well as about configured maximum communication load.
EPSS
Процентиль: 40%
0.00183
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-288