Vulnerability Details CVE-2019-10990
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protected files in transit and at rest, which may allow an attacker to access configuration files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.2%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
Products affected by CVE-2019-10990
-
cpe:2.3:a:redlion:crimson:-
-
cpe:2.3:a:redlion:crimson:1.0
-
cpe:2.3:a:redlion:crimson:2.0
-
cpe:2.3:a:redlion:crimson:2.1
-
cpe:2.3:a:redlion:crimson:3.0
-
cpe:2.3:a:redlion:crimson:3.1
-
cpe:2.3:a:redlion:crimson:3.2