Lucene search

MitreCVELIST:CVE-2019-11855

HistoryAug 21, 2020 - 6:47 p.m.

CVE-2019-11855 ALEOS LAN-Side RPC Server

2020-08-2118:47:34

mitre

www.cve.org

aleos

lan-side

rpc server

vulnerability

version

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

60.7%

JSON

An RPC server is enabled by default on the gateway’s LAN of ALEOS before 4.12.0, 4.9.5, and 4.4.9.

References

source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2020-004/

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

60.7%

JSON

Related for CVELIST:CVE-2019-11855