- Description
- SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to access via HTTP to the internal configuration database of the device without any authentication. An attacker could exploit this vulnerability in order to obtain information about the device´s configuration.
- Source
- cve-coordination@incibe.es
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 3.3
- Impact score
- 1.4
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- Severity
- LOW
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sitel-sa:cap\\/prx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0B5B8AD2-407A-4663-8422-B27769EFC0C6"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sitel-sa:cap\\/prx_firmware:5.2.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68BAF579-93DD-4CC3-AA6D-B96020C3F02B"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]