PT-2017-8776 · Omnimetrix · Omniview

Published

2017-02-13

Updated

2017-06-28

CVE-2016-5801

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions OmniMetrix OmniView version 1.2

Description An issue in the OmniView web application allows an attacker to gain access by brute forcing account passwords due to insufficient password requirements.

Recommendations For OmniMetrix OmniView version 1.2, consider implementing stronger password policies to mitigate the risk of brute force attacks. As a temporary workaround, restrict access to the web application until a more secure password requirement system is in place.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2016-5801

Affected Products

Omniview

PT-2017-8776 · Omnimetrix · Omniview

CVE-2016-5801

Weakness Enumeration

Related Identifiers

Affected Products

References · 4