Lucene search
+L
BoschIot Gateway Software

4 matches found

CVE
CVE
added 2019/08/21 5:9 p.m.78 views

CVE-2019-11897

The CVE-2019-11897 issue is a Server-Side Request Forgery (SSRF) in the backup & restore functionality of older ProSyst mBS SDK releases (before 8.2.6) and Bosch IoT Gateway Software (before 9.3.0). The vulnerability allows a remote attacker to forge GET requests to arbitrary URLs, potentially en...

8.6CVSS8.4AI score0.01782EPSS
CVE
CVE
added 2019/08/21 7:29 p.m.70 views

CVE-2019-11603

CVE-2019-11603 describes an HTTP path traversal in ProSyst mBS SDK prior to 8.2.6 and Bosch IoT Gateway Software prior to 9.0.2, enabling remote attackers to read files outside the HTTP root. Affected components: ProSyst mBS SDK <8.2.6 and Bosch IoT Gateway Software

7.5CVSS7.5AI score0.0242EPSS
CVE
CVE
added 2019/08/21 7:21 p.m.69 views

CVE-2019-11602

This CVE affects older releases of ProSyst mBS SDK and Bosch IoT Gateway Software, where remote access to backup and restore leaks stack traces that reveal filesystem structure. Affected components are the backup/restore functionality in ProSyst mBS SDK prior to 8.2.6 and Bosch IoT Gateway Softwa...

5.3CVSS5.2AI score0.01059EPSS
CVE
CVE
added 2019/08/21 7:9 p.m.66 views

CVE-2019-11601

This CVE describes a directory traversal vulnerability in the remote access to the backup and restore functionality of ProSyst mBS SDK and Bosch IoT Gateway Software. Affected products and versions: ProSyst mBS SDK before 8.2.6; Bosch IoT Gateway Software before 9.2.0. Root cause, as stated in th...

9.1CVSS7.8AI score0.02688EPSS