CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
58.2%
Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers to cause a denial of service (device restart) via an unauthenticated API request. The attacker must be on the same network as the device.
Vendor | Product | Version | CPE |
---|---|---|---|
mercedes-benz | xentry_retail_data_storage_firmware | 7.8.1 | cpe:2.3:o:mercedes-benz:xentry_retail_data_storage_firmware:7.8.1:*:*:*:*:*:*:* |
mercedes-benz | xentry_retail_data_storage | - | cpe:2.3:h:mercedes-benz:xentry_retail_data_storage:-:*:*:*:*:*:*:* |