Lucene search

MitreCVELIST:CVE-2018-19879

HistoryMar 28, 2019 - 4:48 p.m.

CVE-2018-19879

2019-03-2816:48:34

mitre

www.cve.org

CVSS3

7.1

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

AI Score

9.5

Confidence

High

EPSS

0.004

Percentile

74.3%

JSON

An issue was discovered in /cgi-bin/luci on Teltonika RTU9XX (e.g., RUT950) R_31.04.89 before R_00.05.00.5 devices. The authentication functionality is not protected from automated tools used to make login attempts to the application. An anonymous attacker has the ability to make unlimited login attempts with an automated tool. This ability could lead to cracking a targeted user’s password.

References

wiki.teltonika.lt/index.php?title=RUT9xx_Firmware

www.triadsec.com/CVE-2018-19879.pdf

CVSS3

7.1

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

AI Score

9.5

Confidence

High

EPSS

0.004

Percentile

74.3%

JSON

Related for CVELIST:CVE-2018-19879