Authentication flaw

Tollgrade LightHouse SMS before 5.1 patch 3 allows remote authenticated users to bypass an intended administrative-authentication requirement, and read or change parameter values, via a direct request...

Authentication flaw

Tollgrade LightHouse SMS before 5.1 patch 3 provides different error messages for failed authentication attempts depending on whether the username exists, which allows remote attackers to enumerate account names via a series of attempts...

Authentication flaw

Tollgrade LightHouse SMS before 5.1 patch 3 allows remote attackers to bypass authentication and restart the software via unspecified vectors...

CVE-2016-5790

CVE-2016-5790 affects Tollgrade LightHouse SMS: before version 5.1 Patch 3, the software is vulnerable to a remote authentication bypass that can allow restarting the system. The root cause is missing authentication for a critical function, enabling an attacker to trigger a restart without valid ...

CVE-2016-5797

Tollgrade LightHouse SMS before 5.1 patch 3 provides different error messages for failed authentication attempts depending on whether the username exists, which allows remote attackers to enumerate account names via a series of attempts...

CVE-2016-5790

Tollgrade LightHouse SMS before 5.1 patch 3 allows remote attackers to bypass authentication and restart the software via unspecified vectors...

CVE-2016-5807

CVE-2016-5807 affects Tollgrade LightHouse SMS Software prior to version 5.1 Patch 3. The vulnerability, described as Missing Authentication for Critical Function and Forced Browsing, allows remote authenticated attackers to bypass the administrative-authentication requirement and read or modify ...

CVE-2016-5807

Tollgrade LightHouse SMS before 5.1 patch 3 allows remote authenticated users to bypass an intended administrative-authentication requirement, and read or change parameter values, via a direct request...

CVE-2016-5797

CVE-2016-5797 affects Tollgrade LightHouse SMS Software prior to Version 5.1 Patch 3. The issue is information exposure through error messages that reveal whether a username exists, enabling remote account-name enumeration. Affected component is the web-based LightHouse SMS software; the root cau...

Tollgrade SmartGrid LightHouse Sensor Management System Denial of Service Vulnerability

Tollgrade SmartGrid LightHouse Sensor Management System SMS Software is a Web-based smart grid lighthouse sensor management system from Tollgrade, Inc. A denial of service vulnerability exists in Tollgrade SmartGrid LightHouse SMS version 5.1 Patch 3 and prior versions, which can be exploited by ...

Tollgrade SmartGrid LightHouse Sensor Management System Privilege Vulnerability

Tollgrade SmartGrid LightHouse Sensor Management System SMS Software is a Web-based smart grid lighthouse sensor management system from Tollgrade, Inc. A privilege-lifting vulnerability exists in Tollgrade Communications SmartGrid LightHouse SMS version 5.1 Patch 3 and earlier versions, which can...

Tollgrade SmartGrid LightHouse Sensor Management System Information Disclosure Vulnerability

Tollgrade SmartGrid LightHouse Sensor Management System SMS Software is a Web-based smart grid lighthouse sensor management system from Tollgrade, Inc. An information disclosure vulnerability exists in Tollgrade SmartGrid LightHouse SMS Software version 5.1 Patch 3 and prior versions, which can b...

Tollgrade Smart Grid EMS LightHouse Vulnerabilities

OVERVIEW Ashish Kamble of Qualys, Inc. has identified vulnerabilities in Tollgrade Communications, Inc.’s Smart Grid LightHouse Sensor Management System SMS Software EMS. Tollgrade has produced a new version to mitigate these vulnerabilities. Ashish Kamble has tested the new version to validate...

Tollgrade SmartGrid LightHouse Sensor Management System Software Information Disclosure Vulnerability

Tollgrade SmartGrid LightHouse Sensor Management System SMS Software is a Web-based smart grid lighthouse sensor management system from Tollgrade, Inc. A security vulnerability exists in Tollgrade SmartGrid LightHouse SMS Software versions prior to 5.1 and 4.1.0 Build 16. A remote attacker could...

Tollgrade SmartGrid LightHouse Sensor Management System Software Arbitrary Password Change Vulnerability

Tollgrade SmartGrid LightHouse Sensor Management System SMS Software is a Web-based smart grid lighthouse sensor management system from Tollgrade, Inc. A security vulnerability exists in Tollgrade SmartGrid LightHouse SMS Software EMS versions prior to 5.1 and 4.1.0 Build 16. A remote attacker...

Tollgrade SmartGrid LightHouse Sensor Management System Software Cross-Site Request Forgery Vulnerability

Tollgrade SmartGrid LightHouse Sensor Management System SMS Software is a Web-based smart grid lighthouse sensor management system from Tollgrade, Inc. A cross-site request forgery vulnerability exists in Tollgrade SmartGrid LightHouse SMS Software versions prior to 5.1 and 4.1.0 Build 16. A remo...

Tollgrade SmartGrid LightHouse Sensor Management System Software Cross-Site Scripting Vulnerability

Tollgrade SmartGrid LightHouse Sensor Management System SMS Software is a Web-based smart grid lighthouse sensor management system from Tollgrade, Inc. A cross-site scripting vulnerability exists in Tollgrade SmartGrid LightHouse SMS Software EMS versions prior to 5.1 and 4.1.0 Build 16. A remote...

CVE-2016-0866

Cross-site scripting XSS vulnerability in Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-0865

Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote authenticated users to change arbitrary passwords via unspecified vectors...

CVE-2016-0865

Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote authenticated users to change arbitrary passwords via unspecified vectors...