PT-2019-12410 · Prosyst+1 · Prosyst Mbs Sdk+1

Philip Kazmeier

Published

2019-08-21

Updated

2019-10-09

CVE-2019-11603

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions ProSyst mBS SDK versions prior to 8.2.6 Bosch IoT Gateway Software versions prior to 9.0.2

Description A HTTP Traversal Attack allows remote attackers to read files outside the http root.

Recommendations For ProSyst mBS SDK versions prior to 8.2.6, update to version 8.2.6 or later. For Bosch IoT Gateway Software versions prior to 9.0.2, update to version 9.0.2 or later.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2019-11603

Affected Products

Bosch Iot Gateway

Prosyst Mbs Sdk

PT-2019-12410 · Prosyst+1 · Prosyst Mbs Sdk+1

CVE-2019-11603

Weakness Enumeration

Related Identifiers

Affected Products

References · 3