- Description
- A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. If the same passwords were used for other resources, further such assets may be compromised.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
- ics-cert@hq.dhs.gov
- CWE-522
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redlion:da50n_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A81A3812-8347-40A1-8742-1B5BEF12B894"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:redlion:da50n:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B58B0481-AE48-4B7A-B57B-4FA6B573C040"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]