Vulnerability Details CVE-2017-20019
A vulnerability classified as problematic was found in Solare Solar-Log 2.8.4-56/3.5.2-85. Affected by this vulnerability is an unknown functionality of the component Config Handler. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 3.5.3-86 is able to address this issue. It is recommended to upgrade the affected component.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.6%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 5.0
References
Products affected by CVE-2017-20019
-
cpe:2.3:h:solar-log:solar-log_1000:-
-
cpe:2.3:h:solar-log:solar-log_1000_pm+:-
-
cpe:2.3:h:solar-log:solar-log_1200:-
-
cpe:2.3:h:solar-log:solar-log_2000:-
-
cpe:2.3:h:solar-log:solar-log_250:-
-
cpe:2.3:h:solar-log:solar-log_300:-
-
cpe:2.3:h:solar-log:solar-log_500:-
-
cpe:2.3:h:solar-log:solar-log_800e:-
-
cpe:2.3:o:solar-log:solar-log_1000_firmware:2.8.4-56
-
cpe:2.3:o:solar-log:solar-log_1000_firmware:3.5.2-85
-
cpe:2.3:o:solar-log:solar-log_1000_pm+_firmware:2.8.4-56
-
cpe:2.3:o:solar-log:solar-log_1000_pm+_firmware:3.5.2-85
-
cpe:2.3:o:solar-log:solar-log_1200_firmware:2.8.4-56
-
cpe:2.3:o:solar-log:solar-log_1200_firmware:3.5.2-85
-
cpe:2.3:o:solar-log:solar-log_2000_firmware:2.8.4-56
-
cpe:2.3:o:solar-log:solar-log_2000_firmware:3.5.2-85
-
cpe:2.3:o:solar-log:solar-log_250_firmware:2.8.4-56
-
cpe:2.3:o:solar-log:solar-log_250_firmware:3.5.2-85
-
cpe:2.3:o:solar-log:solar-log_300_firmware:2.8.4-56
-
cpe:2.3:o:solar-log:solar-log_300_firmware:3.5.2-85
-
cpe:2.3:o:solar-log:solar-log_500_firmware:2.8.4-56
-
cpe:2.3:o:solar-log:solar-log_500_firmware:3.5.2-85
-
cpe:2.3:o:solar-log:solar-log_800e_firmware:2.8.4-56
-
cpe:2.3:o:solar-log:solar-log_800e_firmware:3.5.2-85