CVE-2017-6866

2017-08-0723:00:00

CWE-284

siemens

www.cve.org

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.9%

JSON

A vulnerability was discovered in Siemens XHQ server 4 and 5 (4 before V4.7.1.3 and 5 before V5.0.0.2) that could allow an authenticated low-privileged remote user to gain read access to data in the XHQ solution exceeding his configured permission level.

CNA Affected

[
  {
    "product": "XHQ 4 (All versions before V4.7.1.3), XHQ 5 (All versions before V5.0.0.2)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "XHQ 4 (All versions before V4.7.1.3), XHQ 5 (All versions before V5.0.0.2)"
      }
    ]
  }
]