Lucene search
HistoryFeb 01, 2024 - 10:15 p.m.
CVE-2024-1039
cve-2024-1039
gessler gmbh
web-master
restoration account
vulnerability
weak credentials
web management
device
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.3%
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if exploited could allow an attacker control over the web management of the device.
Affected configurations
Node
gesslergmbhweb-master_firmwareMatch7.9
gesslergmbhweb-masterMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| gesslergmbh:web-master_firmware | gesslergmbh web-master firmware | eq | 7.9 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "WEB-MASTER",
"vendor": "Gessler GmbH",
"versions": [
{
"status": "affected",
"version": "7.9"
}
]
}
]Related
nvd
nvd
CVE-2024-1039
2024-02-01 22:15:55
cvelist
cvelist
CVE-2024-1039 Use of weak credentials in Gessler GmbH WEB-MASTER
2024-02-01 21:38:48
prion
prion
Hardcoded credentials
2024-02-01 22:15:00
ics
ics
Gessler GmbH WEB-MASTER
2024-02-01 12:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.3 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.3%
Related for CVE-2024-1039