PT-2016-4428 · Tollgrade · Tollgrade Smartgrid Lighthouse Sensor Management System (Sms) Software Ems

Maxim Rupp

·

Publicado

2016-02-13

·

Atualizado

2016-02-18

·

CVE-2016-0865

CVSS v2.0

9.0

Alta

VetorAV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software EMS versions prior to 5.1 Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software EMS version 4.1.0 Build 16
Description The issue allows remote authenticated users to change arbitrary passwords.
Recommendations For versions prior to 5.1, update to version 5.1 or later. For version 4.1.0 Build 16, update to a version later than 4.1.0 Build 16.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-255

Identificadores relacionados

CVE-2016-0865

Produtos afetados

Tollgrade Smartgrid Lighthouse Sensor Management System (Sms) Software Ems