9.8
CVE-2019-16879
- EPSS 1.37%
- Veröffentlicht 14.04.2020 17:15:11
- Zuletzt bearbeitet 21.11.2024 04:31:15
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70, with firmware Versions 5.0 and prior, has a Missing Authentication for Critical Function (CWE-306) vulnerability. The affected product does not require authentication for TELNET access, which may allow an attacker to change configuration or perform other malicious activities.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mysyngeryss ≫ Husky Rtu 6049-e70 Firmware Version <= 5.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.37% | 0.683 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-306 Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
https://www.us-cert.gov/ics/advisories/icsa-20-042-01