6.5
CVE-2019-19802
- EPSS 0.22%
- Veröffentlicht 17.01.2020 02:15:11
- Zuletzt bearbeitet 21.11.2024 04:35:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginIn Gallagher Command Centre Server v8.10 prior to v8.10.1134(MR4), v8.00 prior to v8.00.1161(MR5), v7.90 prior to v7.90.991(MR5), v7.80 prior to v7.80.960(MR2) and v7.70 or earlier, an authenticated user connecting to OPCUA can view all data that would be replicated in a multi-server setup without privilege checks being applied.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Gallagher ≫ Command Centre Version < 7.70
Gallagher ≫ Command Centre Version >= 7.80 < 7.80.960
Gallagher ≫ Command Centre Version >= 7.90 < 7.90.991
Gallagher ≫ Command Centre Version >= 8.00 < 8.00.1161
Gallagher ≫ Command Centre Version >= 8.10 < 8.10.1134
Gallagher ≫ Command Centre Version7.80.960 Update-
Gallagher ≫ Command Centre Version7.90.991 Update-
Gallagher ≫ Command Centre Version8.00.1161 Update-
Gallagher ≫ Command Centre Version8.10.1134 Update-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.411 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
CWE-862 Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.