Lucene search
PRIOn knowledge basePRION:CVE-2019-14473HistoryAug 06, 2019 - 7:15 p.m.
Authorization
2019-08-0619:15:00
PRIOn knowledge base
www.prio-n.com
1
eQ-3 Homematic CCU2 and CCU3 use session IDs for authentication but lack authorization checks. Consequently, a valid guest level or user level account can create a new admin level account, read the service messages, clear the system protocol or modify/delete internal programs, etc. pp.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ccu2_firmware | le | 2.47.15 | |
| ccu3_firmware | le | 3.47.15 |
References
Related
cvelist
cvelist
CVE-2019-14473
2019-08-06 18:03:10
nvd
nvd
CVE-2019-14473
2019-08-06 19:15:13
cve
cve
CVE-2019-14473
2019-08-06 19:15:13