CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-7907

Directory traversal vulnerability in the web server on Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allows remote attackers to bypass authentication, and write to a configuration file or trigger a calibration or test, via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.5%

CVSS Severity

CVSS v3 Score 8.6

CVSS v2 Score 6.4

References

https://ics-cert.us-cert.gov/advisories/ICSA-15-309-02
https://ics-cert.us-cert.gov/advisories/ICSA-15-309-02

Products affected by CVE-2015-7907

Honeywell » Midas Black Firmware » Version: 2.13b1

cpe:2.3:o:honeywell:midas_black_firmware:2.13b1
Honeywell » Midas Firmware » Version: 1.13b1

cpe:2.3:o:honeywell:midas_firmware:1.13b1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-7907

Products

Pricing

Contact Us