Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:8 a.m.10 views

CVE-2019-14475

eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID from CVE-2019-9583, resulting in the ability to read the service messages, clear the system protocol, create a new user in the...

8.2CVSS6.5AI score0.01969EPSS
Exploits2References1
NVD
NVD
added 2019/08/05 8:15 p.m.28 views

CVE-2019-14475

eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID from CVE-2019-9583, resulting in the ability to read the service messages, clear the system protocol, create a new user in the...

7.5CVSS7.6AI score0.01969EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/08/05 7:27 p.m.25 views

CVE-2019-14475

eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID from CVE-2019-9583, resulting in the ability to read the service messages, clear the system protocol, create a new user in the...

7.6AI score0.01969EPSS
Exploits1References1
CVE
CVE
added 2019/08/05 7:27 p.m.71 views

CVE-2019-14475

CVE-2019-14475 concerns eQ-3 Homematic CCU2 (versions up to 2.47.15) and CCU3 (up to 3.47.15). The root cause is that session IDs are used for authentication but there are no proper authorization checks, permitting an attacker who obtains a session ID (from CVE-2019-9583) to perform elevated acti...

7.5CVSS7.5AI score0.01969EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder