CVE-2016-2311
MEDIUMBlack Box ServSensor, ServSensor Junior, and ServSensor Contact < SP473 - Authenticated Password Exposure
Title source: llmDescription
Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ServSensor Junior with firmware before SP473, AlertWerks ServSensor Junior with PoE with firmware before SP473, and AlertWerks ServSensor Contact with firmware before SP473 allow remote authenticated users to discover administrator and user passwords via unspecified vectors.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-16-147-03
Scores
CVSS v3
6.5
EPSS
0.0115
EPSS Percentile
63.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
CWE-255
Status
published
Products (3)
blackbox/alertwerks_servsensor_contact_firmware
blackbox/alertwerks_servsensor_firmware
blackbox/alertwerks_servsensor_junior_firmware
(2 CPE variants)
Published
May 30, 2016
Tracked Since
Feb 18, 2026