6 matches found
EUVD-2020-4798
Malware in sbrugna...
CVE-2020-12496
Endress+Hauser Ecograph T Neutral/Private Label RSG35, ORSG35 and Memograph M Neutral/Private Label RSG45, ORSG45 with Firmware version V2.0.0 and above is prone to exposure of sensitive information to an unauthorized actor. The firmware release has a dynamic token for each request submitted to t...
CVE-2020-12496
Endress+Hauser Ecograph T Neutral/Private Label RSG35, ORSG35 and Memograph M Neutral/Private Label RSG45, ORSG45 with Firmware version V2.0.0 and above is prone to exposure of sensitive information to an unauthorized actor. The firmware release has a dynamic token for each request submitted to t...
Code injection
Endress+Hauser Ecograph T Neutral/Private Label RSG35, ORSG35 and Memograph M Neutral/Private Label RSG45, ORSG45 with Firmware version V2.0.0 and above is prone to exposure of sensitive information to an unauthorized actor. The firmware release has a dynamic token for each request submitted to t...
CVE-2020-12496
The CVE-2020-12496 entry concerns Endress+Hauser Ecograph T and Memograph M devices (Firmware v2.0.0 and above). A server-side access-control matrix misconfiguration allows a low-privilege user to access endpoints that should be restricted, leading to exposure of sensitive information. The firmwa...
CVE-2020-12496 ENDRESS+HAUSER: Ecograph T utilizing Webserver firmware version 2.x exposures sensitive information to an unauthorized actor
Endress+Hauser Ecograph T Neutral/Private Label RSG35, ORSG35 and Memograph M Neutral/Private Label RSG45, ORSG45 with Firmware version V2.0.0 and above is prone to exposure of sensitive information to an unauthorized actor. The firmware release has a dynamic token for each request submitted to t...