← volver
CVE-2021-32002

SiteManager troubleshooter allows access without authentication from local network

CVSS 4.3 MEDIUMEPSS 0.2%CWE-200CWE-284
Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Productos afectados
Secomea · SiteManager

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.secomea.com/support/cybersecurity-advisory