CVE-2019-15859

Sažetak

Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 allows a remote attacker to get full access to a device via the /password.jsn URI.

Reference

http://packetstormsecurity.com/files/154764/Socomec-DIRIS-A-40-Password-Disclosure.html
http://seclists.org/fulldisclosure/2019/Oct/10
https://www.socomec.com/single-circuit-multifunction-meters_en.html

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

24-08-2020 - 17:37

Objavljeno

09-10-2019 - 16:15