PT-2018-18277 · Schneider Electric · Pelco Sarix Professional
Publicado
2018-07-03
·
Atualizado
2019-10-03
·
CVE-2018-7781
CVSS v3.1
8.8
Alta
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Schneider Electric Pelco Sarix Professional 1st generation cameras versions prior to 3.29.69
Description:
The issue allows an authenticated user to view passwords in clear text, resulting in privilege escalation, by sending a specially crafted request.
Recommendations:
For versions prior to 3.29.69, update the firmware to version 3.29.69 or later to resolve the issue.
Correção
Missing Encryption of Sensitive Data
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Pelco Sarix Professional