PT-2017-13971 · Mirasys · Mirasys Video Management System

Publicado

2017-10-12

Atualizado

2019-10-03

CVE-2017-15290

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Mirasys Video Management System (VMS) versions 6.x through 6.4.5 Mirasys Video Management System (VMS) versions 7.x through 7.5.14 Mirasys Video Management System (VMS) versions 8.x through 8.0

Description The issue concerns the login process where cleartext data is sent from a server to a client, with some of this data not being necessary for client functionality.

Recommendations For versions 6.x through 6.4.5, update to version 6.4.6 or later. For versions 7.x through 7.5.14, update to version 7.5.15 or later. For versions 8.x through 8.0, update to version 8.1.1 or later.

Correção

Cleartext Transmission of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-319

Identificadores relacionados

CVE-2017-15290

Produtos afetados

Mirasys Video Management System

PT-2017-13971 · Mirasys · Mirasys Video Management System

CVE-2017-15290

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4