CVE-2017-14026 Information

Description

In Ice Qube Thermal Management Center versions prior to version 4.13 the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

http://www.securityfocus.com/bid/105303 https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

7.5