MEDIUM🇬🇧 English

CVE-2022-3089

CVSS 6.3v3.1pub. 2023-02-13upd. 2024-11-21

Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file transfer protocol (FTP) server.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H
  • Echelon I.lon Vision

    APP
    Echelon
    2.2
  • Echelon Smartserver

    HW
    Echelon
    2.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2018-10627CRITICAL9.8ten sam vendor

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versio...

CVE-2018-8851CRITICAL9.8ten sam vendor

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versio...

CVE-2018-8855CRITICAL9.8ten sam vendor

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versio...

CVE-2018-8859CRITICAL9.8ten sam vendor

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versio...

CVE-2022-3089 — MEDIUM 6.3 | CVEbaza.pl