CVE-2016-2311

MEDIUM

Blackbox Alertwerks Servsensor Junior... - Information Disclosure

Title source: rule

Description

Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ServSensor Junior with firmware before SP473, AlertWerks ServSensor Junior with PoE with firmware before SP473, and AlertWerks ServSensor Contact with firmware before SP473 allow remote authenticated users to discover administrator and user passwords via unspecified vectors.

References (1)

[Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSA-16-147-03

Scores

CVSS v3 6.5

EPSS 0.0032

EPSS Percentile 55.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-200 CWE-255

Status draft

Affected Products (4)

blackbox/alertwerks_servsensor_junior_firmware

blackbox/alertwerks_servsensor_contact_firmware

blackbox/alertwerks_servsensor_firmware

blackbox/alertwerks_servsensor_junior_firmware

Timeline

Published May 30, 2016

Tracked Since Feb 18, 2026