Lucene search
HistoryOct 28, 2015 - 10:59 a.m.
CVE-2015-3971
cve-2015-3971
janitza umg
unauthenticated access
remote code execution
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
75.2%
The debug interface on Janitza UMG 508, 509, 511, 604, and 605 devices does not require authentication, which allows remote attackers to read or write to files, or execute arbitrary JASIC code, via a session on TCP port 1239.
Affected configurations
Node
janitzaumg_508Match-
ORjanitzaumg_509Match-
ORjanitzaumg_511Match-
ORjanitzaumg_604Match-
ORjanitzaumg_605Match-
Related
nvd
nvd
CVE-2015-3971
2015-10-28 10:59:05
nessus
nessus
Janitza UMG Power Quality Measuring Improper Access Control (CVE-2015-3971)
2024-02-12 00:00:00
cvelist
cvelist
CVE-2015-3971
2015-10-28 10:00:00
prion
prion
Authentication flaw
2015-10-28 10:59:00
ics
ics
Janitza UMG Power Quality Measuring Products Vulnerabilities
2018-08-27 12:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
75.2%
Related for CVE-2015-3971