PT-2019-15012 · V Zug · V-Zug Combi-Steam Mslq

Marc Ruef

Publicado

2019-10-06

Atualizado

2020-08-24

CVE-2019-17219

CVSS v3.1

8.8

Alta

Vetor

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions V-Zug Combi-Steam MSLQ devices before Ethernet R07 V-Zug Combi-Steam MSLQ devices before WLAN R05

Description An issue was discovered where the device does not enforce any authentication by default. This allows an adjacent attacker to use the network interface without proper access control.

Recommendations For V-Zug Combi-Steam MSLQ devices before Ethernet R07, update to Ethernet R07 or later to resolve the issue. For V-Zug Combi-Steam MSLQ devices before WLAN R05, update to WLAN R05 or later to resolve the issue. As a temporary workaround, consider restricting access to the network interface until a patch is available.

Correção

Missing Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-306

Identificadores relacionados

CVE-2019-17219

Produtos afetados

V-Zug Combi-Steam Mslq

PT-2019-15012 · V Zug · V-Zug Combi-Steam Mslq

CVE-2019-17219

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3