PT-2023-23219 · Snap One · Ovrc Pro
Uri Katz
·
Publicado
2023-05-22
·
Atualizado
2023-05-30
·
CVE-2023-31193
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Snap One OvrC Pro versions prior to 7.3
Description
The issue concerns the use of HTTP connections instead of HTTPS when downloading programs from servers, making devices susceptible to exploitation.
Recommendations
For versions prior to 7.3, consider configuring the system to use HTTPS connections for downloading programs from servers as a mitigation measure.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Cleartext Transmission of Sensitive Information
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ovrc Pro