PT-2019-19689 · Cobham · Cobham Explorer 710

David Belasco

Publicado

2019-10-10

Atualizado

2019-10-17

CVE-2019-9532

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Cobham EXPLORER 710 firmware version 1.07

Description The web application portal of the Cobham EXPLORER 710 sends the login password in cleartext, potentially allowing an unauthenticated, local attacker to intercept the password and gain access to the portal.

Recommendations For firmware version 1.07, consider restricting access to the web application portal until a fix is available, and avoid using the portal over unsecured networks to minimize the risk of password interception.

Correção

Cleartext Transmission of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-319

Identificadores relacionados

CVE-2019-9532

Produtos afetados

Cobham Explorer 710

PT-2019-19689 · Cobham · Cobham Explorer 710

CVE-2019-9532

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3