PT-2019-12107 · Ge · Ge Aestiva+1

Elad Luz

Publicado

2019-07-10

Atualizado

2020-10-02

CVE-2019-10966

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions GE Aestiva versions 7100 GE Aespire versions 7900

Description A vulnerability exists in the specified GE Aestiva and Aespire versions where serial devices connected via an added unsecured terminal server to a TCP/IP network configuration could allow an attacker to remotely modify device configuration and silence alarms.

Recommendations For GE Aestiva version 7100, consider securing the terminal server connection to prevent unauthorized access. For GE Aespire version 7900, consider securing the terminal server connection to prevent unauthorized access.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2019-10966

Produtos afetados

Ge Aespire

Ge Aestiva

PT-2019-12107 · Ge · Ge Aestiva+1

CVE-2019-10966

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3