2 matches found
CVE-2019-7280
Prima Systems FlexAir, Versions 2.3.38 and prior. The session-ID is of an insufficient length and can be exploited by brute force, which may allow a remote attacker to obtain a valid session and bypass authentication...
CVE-2019-7280
The CVE affects Prima Systems FlexAir up to version 2.3.38. The issue is that the session-ID is of insufficient length, allowing brute-force attempts to obtain a valid session and bypass authentication, potentially enabling remote access. Public references describe multiple CVEs in the same relea...