CVE-2019-11857

CRITICAL

ALEOS <4.12.0, 4.9.5, 4.4.9 - Info Disclosure

Title source: llm
STIX 2.1

Description

Lack of input sanitization in AceManager of ALEOS before 4.12.0, 4.9.5 and 4.4.9 allows disclosure of sensitive system information.

Scores

CVSS v3 9.1
EPSS 0.0206
EPSS Percentile 79.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (1)
sierrawireless/aleos < 4.12.0
Published Aug 21, 2020
Tracked Since Feb 18, 2026