Lucene search

[email protected]NVD:CVE-2019-14927

HistoryOct 28, 2019 - 1:15 p.m.

CVE-2019-14927

2019-10-2813:15:10

CWE-306

CWE-425

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

8.1 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.2%

JSON

An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. An unauthenticated remote configuration download vulnerability allows an attacker to download the smartRTU’s configuration file (which contains data such as usernames, passwords, and other sensitive RTU data).

Affected configurations

NVD

Node

mitsubishielectricsmartrtu_firmwareRange≤2.02

AND

mitsubishielectricsmartrtuMatch-

Node

ineame-rtu_firmwareRange≤3.0

AND

ineame-rtuMatch-

References

www.mogozobo.com/

www.mogozobo.com/?p=3593

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

8.1 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.2%

JSON

Related for NVD:CVE-2019-14927

exploitpack1 prion1 cve1 nessus1 cvelist1 exploitdb1 ics1