Lucene search
K

15 matches found

NVD
NVD
added 2017/02/13 9:59 p.m.12 views

CVE-2017-5144

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11U05, and VMU-C PV prior to firmware Version A17. The access control flaw allows access to most application functions without authentication...

9.8CVSS9.4AI score0.02429EPSS
Exploits0References2
NVD
NVD
added 2017/02/13 9:59 p.m.11 views

CVE-2017-5146

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11U05, and VMU-C PV prior to firmware Version A17. Sensitive information is stored in clear-text...

7.5CVSS7.9AI score0.09317EPSS
Exploits2References2
NVD
NVD
added 2017/02/13 9:59 p.m.14 views

CVE-2017-5145

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11U05, and VMU-C PV prior to firmware Version A17. Successful exploitation of this CROSS-SITE REQUEST FORGERY CSRF vulnerability can allow execution of unauthorized actions on the device such as configuration parameter...

10CVSS9.5AI score0.01247EPSS
Exploits0References2
Prion
Prion
added 2017/02/13 9:59 p.m.13 views

Authentication flaw

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11U05, and VMU-C PV prior to firmware Version A17. The access control flaw allows access to most application functions without authentication...

7.5CVSS9.3AI score0.02429EPSS
Exploits0References2
Prion
Prion
added 2017/02/13 9:59 p.m.14 views

Cross site request forgery (csrf)

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11U05, and VMU-C PV prior to firmware Version A17. Successful exploitation of this CROSS-SITE REQUEST FORGERY CSRF vulnerability can allow execution of unauthorized actions on the device such as configuration parameter...

7.5CVSS9.3AI score0.01247EPSS
Exploits0References2
Prion
Prion
added 2017/02/13 9:59 p.m.18 views

Code injection

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11U05, and VMU-C PV prior to firmware Version A17. Sensitive information is stored in clear-text...

5CVSS7.8AI score0.09317EPSS
Exploits2References2
CVE
CVE
added 2017/02/13 9:0 p.m.55 views

CVE-2017-5145

The CVE-2017-5145 entry describes a CROSS-SITE REQUEST FORGERY (CSRF) vulnerability in Carlo Gavazzi VMU-C EM (firmware before A11_U05) and VMU-C PV (firmware before A17). Successful exploitation can allow unauthorized configuration changes and saving of modified configurations. Public guidance i...

10CVSS9.3AI score0.01247EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/02/13 9:0 p.m.18 views

CVE-2017-5144

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11U05, and VMU-C PV prior to firmware Version A17. The access control flaw allows access to most application functions without authentication...

9.4AI score0.02429EPSS
Exploits0References2
CVE
CVE
added 2017/02/13 9:0 p.m.50 views

CVE-2017-5144

The CVE-2017-5144 issue affects Carlo Gavazzi VMU-C EM (pre-A11_U05) and VMU-C PV (pre-A17) where an access control flaw allows access to most application functions without authentication. According to the ICS-CERT advisory, the root cause is an access-control weakness (CWE-284) enabling remote, ...

9.8CVSS9.2AI score0.02429EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/02/13 9:0 p.m.54 views

CVE-2017-5146

CVE-2017-5146 affects Carlo Gavazzi VMU-C EM (before firmware A11_U05) and VMU-C PV (before firmware A17). The issue is that sensitive information is stored in clear text on these devices, constituting an information disclosure vulnerability. Public sources describe the affected products and firm...

7.5CVSS7.3AI score0.09317EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2017/02/13 9:0 p.m.20 views

CVE-2017-5146

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11U05, and VMU-C PV prior to firmware Version A17. Sensitive information is stored in clear-text...

7.4AI score0.09317EPSS
Exploits2References2
CNVD
CNVD
added 2017/01/16 12:0 a.m.3 views

Cross-Site Request Forgery Vulnerability in Carlo Gavazzi Automation VMU-C EM and VMU-C PV

Carlo Gavazzi Automation VMU-C EM and VMU-C PV are control modules in the automation products of the Italian company Carlo Gavazzi Automation. A cross-site request forgery vulnerability exists in the Carlo Gavazzi Automation VMU-C EM and VMU-C PV. A remote attacker can exploit the vulnerability b...

10CVSS6.9AI score0.01247EPSS
Exploits0References1
CNVD
CNVD
added 2017/01/16 12:0 a.m.3 views

Carlo Gavazzi Automation VMU-C EM and VMU-C PV have unauthorized access vulnerabilities

Carlo Gavazzi Automation VMU-C EM and VMU-C PV are control modules in the automation products of the Italian company Carlo Gavazzi Automation. An unauthorized access vulnerability exists in the Carlo Gavazzi Automation VMU-C EM and VMU-C PV. An unauthenticated attacker could exploit the...

9.8CVSS6.8AI score0.02429EPSS
Exploits0References1
CNVD
CNVD
added 2017/01/16 12:0 a.m.4 views

Carlo Gavazzi Automation VMU-C EM and VMU-C PV suffer from information disclosure vulnerabilities

Carlo Gavazzi Automation VMU-C EM and VMU-C PV are control modules in the automation products of the Italian company Carlo Gavazzi Automation. The Carlo Gavazzi Automation VMU-C EM and VMU-C PV store sensitive information in clear text, allowing remote attackers to exploit the vulnerability to re...

7.5CVSS6.6AI score0.09317EPSS
Exploits2References1
ICS
ICS
added 2017/01/12 12:0 a.m.75 views

Carlo Gavazzi VMU-C EM and VMU-C PV

CVSS V3 10 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Carlo Gavazzi Equipment: VMU-C EM, VMU-C PV Vulnerabilities: Access Control Flaws, CSRF, Sensitive Information Stored In Clear Text AFFECTED PRODUCTS Carlo Gavazzi reports that the vulnerabilities affect the following...

10CVSS9.6AI score0.09317EPSS
Exploits2References3
Rows per page
Query Builder