5.5
CVE-2019-11856
- EPSS 0.02%
- Veröffentlicht 21.08.2020 19:15:11
- Zuletzt bearbeitet 21.11.2024 04:21:54
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4.9 allowing message replay. Captured traffic to the ACEView service can be replayed to other gateways sharing the same credentials.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sierrawireless ≫ Aleos Version <= 4.12.0
Sierrawireless ≫ Airlink Lx40 Version-
Sierrawireless ≫ Airlink Lx60 Version-
Sierrawireless ≫ Airlink Mp70 Version-
Sierrawireless ≫ Airlink Mp70e Version-
Sierrawireless ≫ Airlink Rv50 Version-
Sierrawireless ≫ Airlink Rv50x Version-
Sierrawireless ≫ Airlink Lx60 Version-
Sierrawireless ≫ Airlink Mp70 Version-
Sierrawireless ≫ Airlink Mp70e Version-
Sierrawireless ≫ Airlink Rv50 Version-
Sierrawireless ≫ Airlink Rv50x Version-
Sierrawireless ≫ Aleos Version <= 4.9.4
Sierrawireless ≫ Aleos Version <= 4.4.8
Sierrawireless ≫ Airlink Es440 Version-
Sierrawireless ≫ Airlink Gx400 Version-
Sierrawireless ≫ Airlink Gx440 Version-
Sierrawireless ≫ Airlink Ls300 Version-
Sierrawireless ≫ Airlink Gx400 Version-
Sierrawireless ≫ Airlink Gx440 Version-
Sierrawireless ≫ Airlink Ls300 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.039 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.8 | 1.2 | 2.5 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
|
| nvd@nist.gov | 5.5 | 8 | 4.9 |
AV:N/AC:L/Au:S/C:N/I:P/A:P
|
| cve@mitre.org | 3.3 | 0.7 | 2.5 |
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L
|
CWE-294 Authentication Bypass by Capture-replay
A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).