CVE-2019-11856

Published at:
2020-08-21T19:15:11.700
Source: [email protected]

Global infos:

A nonce reuse vulnerability exists in the ACEView service of ALEOS before 4.13.0, 4.9.5, and 4.4.9 allowing message replay. Captured traffic to the ACEView service can be replayed to other gateways sharing the same credentials.

CVE Status: Modified

References:

  • [email protected]
  • af854a3a-2127-422b-91ae-364da2661108
    •

    Metrics:

    AttributeValue
    Attack ComplexityHIGH
    Attack VectorNETWORK
    Availability ImpactLOW
    Base Score3.3
    Base SeverityLOW
    Confidentiality ImpactNONE
    Integrity ImpactLOW
    Privileges RequiredHIGH
    ScopeUNCHANGED
    User InteractionNONE
    Vector StringCVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L
    Exploitability Score0.7
    Impact Score2.5
    Source[email protected]
    TypeSecondary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords