| |
Vulnerability CVE-2018-7792
Published: 2018-08-29
| Description: |
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to decode the password using rainbow table. |
Type:
CWE-862 (Missing Authorization)
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
5/10 |
2.9/10 |
10/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
http://www.securityfocus.com/bid/105182
https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
