2 matches found
Janitza UMG Power Quality Measuring Weak Authentication (CVE-2015-3972)
The web interface on Janitza UMG 508, 509, 511, 604, and 605 devices supports only short PIN values for authentication, which makes it easier for remote attackers to obtain access via a brute-force attack. This plugin only works with Tenable.ot. Please visit...
CVE-2015-3972
The CVE refers to Janitza UMG power quality devices (UMG 508, 509, 511, 604, and 605). The underlying issue is weak authentication via the web interface, caused by allowing only short PIN values and insufficient randomization of session tokens, enabling remote brute-force access. Impact per sourc...