ID CVE-2020-11646
Summary A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to view log information reserved for other users.
References
Vulnerable Configurations
  • cpe:2.3:o:br-automation:gatemanager_9250_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:br-automation:gatemanager_9250_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:br-automation:gatemanager_9250:-:*:*:*:*:*:*:*
    cpe:2.3:h:br-automation:gatemanager_9250:-:*:*:*:*:*:*:*
  • cpe:2.3:o:br-automation:gatemanager_4260_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:br-automation:gatemanager_4260_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:br-automation:gatemanager_4260:-:*:*:*:*:*:*:*
    cpe:2.3:h:br-automation:gatemanager_4260:-:*:*:*:*:*:*:*
  • cpe:2.3:o:br-automation:gatemanager_8250_firmware:*:*:*:*:*:*:*:*
    cpe:2.3:o:br-automation:gatemanager_8250_firmware:*:*:*:*:*:*:*:*
  • cpe:2.3:h:br-automation:gatemanager_8250:-:*:*:*:*:*:*:*
    cpe:2.3:h:br-automation:gatemanager_8250:-:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 03-11-2021 - 20:12)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:N/A:N
refmap via4
misc
Last major update 03-11-2021 - 20:12
Published 15-10-2020 - 15:15
Last modified 03-11-2021 - 20:12
Back to Top