← voltar
CVE-2021-32002

SiteManager troubleshooter allows access without authentication from local network

CVSS 4.3 MEDIUMEPSS 0.2%CWE-200CWE-284
Improper Access Control vulnerability in web service of Secomea SiteManager allows local attacker without credentials to gather network information and configuration of the SiteManager. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
Secomea · SiteManager

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.secomea.com/support/cybersecurity-advisory