CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-3972

The web interface on Janitza UMG 508, 509, 511, 604, and 605 devices supports only short PIN values for authentication, which makes it easier for remote attackers to obtain access via a brute-force attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.9%

CVSS Severity

CVSS v2 Score 10.0

References

https://ics-cert.us-cert.gov/advisories/ICSA-15-265-03
https://ics-cert.us-cert.gov/advisories/ICSA-15-265-03

Products affected by CVE-2015-3972

Janitza » Umg 508 » Version: N/A

cpe:2.3:h:janitza:umg_508:-
Janitza » Umg 509 » Version: N/A

cpe:2.3:h:janitza:umg_509:-
Janitza » Umg 511 » Version: N/A

cpe:2.3:h:janitza:umg_511:-
Janitza » Umg 604 » Version: N/A

cpe:2.3:h:janitza:umg_604:-
Janitza » Umg 605 » Version: N/A

cpe:2.3:h:janitza:umg_605:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-3972

Products

Pricing

Contact Us