CVE-2017-6046

HIGH

Sierra Wireless Airlink Raven XE Firmware < - - Information Disclosure

Title source: rule

Description

An Insufficiently Protected Credentials issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. Sensitive information is insufficiently protected during transmission and vulnerable to sniffing, which could lead to information disclosure.

References (2)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/98036

[Third Party Advisory, US Government Resource, VDB Entry] https://ics-cert.us-cert.gov/advisories/ICSA-17-115-02

Scores

CVSS v3 7.5

EPSS 0.0038

EPSS Percentile 59.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-522 CWE-200

Status draft

Affected Products (2)

sierra_wireless/airlink_raven_xe_firmware < -

sierra_wireless/airlink_raven_xt_firmware

Timeline

Published Jun 30, 2017

Tracked Since Feb 18, 2026