CVE-2016-2311

EPSS 0.33%
Published 30.05.2016 01:59:06
Last modified 12.04.2025 10:46:40
Source ics-cert@hq.dhs.gov
Teams watchlist Login
Open Login

Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ServSensor Junior with firmware before SP473, AlertWerks ServSensor Junior with PoE with firmware before SP473, and AlertWerks ServSensor Contact with firmware before SP473 allow remote authenticated users to discover administrator and user passwords via unspecified vectors.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Blackbox ≫ Alertwerks Servsensor Junior Firmware Version-

   Blackbox ≫ Alertwerks Servsensor Junior Eme102a-r2 Version-
   Blackbox ≫ Alertwerks Servsensor Junior Eme103a-r2 Version-
   Blackbox ≫ Alertwerks Servsensor Junior Eme104a-r2 Version-

Blackbox ≫ Alertwerks Servsensor Contact Firmware Version-

   Blackbox ≫ Alertwerks Servsensor Contact Eme111a-20-r2 Version-
   Blackbox ≫ Alertwerks Servsensor Contact Eme111a-60-r2 Version-
   Blackbox ≫ Alertwerks Servsensor Contact Eme112a-20-r2 Version-
   Blackbox ≫ Alertwerks Servsensor Contact Eme112a-60-r2 Version-
   Blackbox ≫ Alertwerks Servsensor Contact Eme113a-20-r2 Version-
   Blackbox ≫ Alertwerks Servsensor Contact Eme113a-60-r2 Version-

Blackbox ≫ Alertwerks Servsensor Firmware Version-

   Blackbox ≫ Alertwerks Servsensor Eme106a Version-
   Blackbox ≫ Alertwerks Servsensor Eme108a-r2 Version-
   Blackbox ≫ Alertwerks Servsensor Eme109a-r2 Version-
   Blackbox ≫ Alertwerks Servsensor Eme110a-r2 Version-
   Blackbox ≫ Alertwerks Servsensor Eme105a Version-

Blackbox ≫ Alertwerks Servsensor Junior Firmware Version- SwEditionpoe

   Blackbox ≫ Alertwerks Servsensor Junior Eme152a Version- SwEditionpoe
   Blackbox ≫ Alertwerks Servsensor Junior Eme153a Version- SwEditionpoe
   Blackbox ≫ Alertwerks Servsensor Junior Eme154a Version- SwEditionpoe
   Blackbox ≫ Alertwerks Servsensor Junior Eme155a Version- SwEditionpoe
   Blackbox ≫ Alertwerks Servsensor Junior Eme158a Version- SwEditionpoe

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.33%	0.548

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://ics-cert.us-cert.gov/advisories/ICSA-16-147-03

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2016-2311

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-2311

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-2311

EUVD