Lucene search

IcscertCVE-2016-2272

HistoryApr 06, 2016 - 11:59 p.m.

CVE-2016-2272

2016-04-0623:59:14

CWE-284

icscert

web.nvd.nist.gov

eaton lighting

eg2

web control

vulnerability

cve-2016-2272

security

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

7.6

Confidence

High

EPSS

0.002

Percentile

60.5%

JSON

Eaton Lighting EG2 Web Control 4.04P and earlier allows remote attackers to have an unspecified impact via a modified cookie.

Affected configurations

Nvd

Node

eaton_lighting_systemseg2_web_controlRange≤4.04p

VendorProductVersionCPE
eaton_lighting_systemseg2_web_control*cpe:2.3:a:eaton_lighting_systems:eg2_web_control:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
eaton_lighting_systems	eg2_web_control	*	cpe:2.3:a:eaton_lighting_systems:eg2_web_control::::::::

References

ics-cert.us-cert.gov/advisories/ICSA-16-061-03

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

7.6

Confidence

High

EPSS

0.002

Percentile

60.5%

JSON

Related for CVE-2016-2272