CVE-2019-9530 - The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions

CVE-2019-9530

Summary

The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. This could allow an unauthenticated, local attacker connected to the device to access and download any file found in the web root directory.

References

https://kb.cert.org/vuls/id/719689/

Vulnerable Configurations

cpe:2.3:o:cobham:explorer_710_firmware:1.07:*:*:*:*:*:*:*
cpe:2.3:o:cobham:explorer_710_firmware:1.07:*:*:*:*:*:*:*
cpe:2.3:h:cobham:explorer_710:-:*:*:*:*:*:*:*
cpe:2.3:h:cobham:explorer_710:-:*:*:*:*:*:*:*

CVSS

Base:	4.9 (as of 26-10-2021 - 20:17)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	NONE	NONE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:N/A:N

refmap via4

cert-vn

VU#719689

Last major update

26-10-2021 - 20:17

Published

10-10-2019 - 20:15

Last modified

26-10-2021 - 20:17