CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-20007

Ingeteam INGEPAC DA AU AUC_1.13.0.28 (and before) web application allows access to a certain path that contains sensitive information that could be used by an attacker to execute more sophisticated attacks. An unauthenticated remote attacker with access to the device´s web service could exploit this vulnerability in order to obtain different configuration files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.3%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

https://www.incibe-cert.es/en/early-warning/ics-advisories/information-exposure-ingepac-da-au
https://www.incibe-cert.es/en/early-warning/ics-advisories/information-exposure-ingepac-da-au

Products affected by CVE-2017-20007

Ingeteam » Ingepac Da Au » Version: N/A

cpe:2.3:h:ingeteam:ingepac_da_au:-
Ingeteam » Ingepac Da Au Firmware » Version: N/A

cpe:2.3:o:ingeteam:ingepac_da_au_firmware:-
Ingeteam » Ingepac Da Au Firmware » Version: auc_1.13.0.28

cpe:2.3:o:ingeteam:ingepac_da_au_firmware:auc_1.13.0.28

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-20007

Products

Pricing

Contact Us