PT-2021-10347 · Emerson · Emerson Smart Wireless Gateway 1420
Published
2021-03-10
·
Updated
2022-10-05
·
CVE-2020-19419
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Emerson Smart Wireless Gateway 1420 version 4.6.59
Description:
The issue allows remote attackers to obtain sensitive device information from the administrator console without authentication. This is due to incorrect access control.
Recommendations:
For Emerson Smart Wireless Gateway 1420 version 4.6.59, consider restricting access to the administrator console until a patch is available. As a temporary workaround, limit the exposure of the device to the internet and ensure that only trusted users have access to the console.
Exploit
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Emerson Smart Wireless Gateway 1420