CVE-2017-12733 Information
Feb 14, 2021
cve
Description
A Missing Authentication for Critical Function issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100 SiteSentinel Integra 500 and SiteSentinel iSite ATG consoles with the following software versions: older than V175 V175-V189 V191-V195 and V16Q3.1. An attacker may create an application user account to gain administrative privileges.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Reference
http://www.securityfocus.com/bid/100563 https://ics-cert.us-cert.gov/advisories/ICSA-17-243-04
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
9.8
Share on: