PT-2019-12409 · Prosyst+1 · Prosyst Mbs Sdk+1

Philip Kazmeier

Published

2019-08-21

Updated

2020-08-24

CVE-2019-11602

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions ProSyst mBS SDK versions prior to 8.2.6 Bosch IoT Gateway Software versions prior to 9.2.0

Description The issue allows remote attackers to gather information about the file system structure due to the leakage of stack traces in remote access to backup and restore functionality.

Recommendations For ProSyst mBS SDK versions prior to 8.2.6, update to version 8.2.6 or later to resolve the issue. For Bosch IoT Gateway Software versions prior to 9.2.0, update to version 9.2.0 or later to resolve the issue.

Fix

Generation of Error Message Containing Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-209

Related Identifiers

CVE-2019-11602

Affected Products

Bosch Iot Gateway

Prosyst Mbs Sdk

PT-2019-12409 · Prosyst+1 · Prosyst Mbs Sdk+1

CVE-2019-11602

Weakness Enumeration

Related Identifiers

Affected Products

References · 3