CVE-2019-6832

CWE-287Improper Authentication3 documents3 sources
Severity
8.3HIGH
EPSS
0.3%
top 43.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Schneider-electric Spacelynk FirmwareSchneider-electric Wiser FOR KNX FirmwareSchneider Electric SE Spacelynk+1 more
Timeline
PublishedSep 17
Latest updateMay 24

Description

A CWE-287: Authentication vulnerability exists in spaceLYnk (all versions before 2.4.0) and Wiser for KNX (all versions before 2.4.0 - formerly known as homeLYnk), which could cause loss of control when an attacker bypasses the authentication.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:LExploitability: 2.8 | Impact: 5.5

Affected Packages4 packages

CVEListV5schneider_electric_se/spacelynkall versions before 2.4.0
CVEListV5schneider_electric_se/wiser_for_knxall versions before 2.4.0 - formerly known as homeLYnk

🔴Vulnerability Details

2
GHSA
GHSA-754f-pvcx-m72f: A CWE-287: Authentication vulnerability exists in spaceLYnk (all versions before 22022-05-24
CVEList
CVE-2019-6832: A CWE-287: Authentication vulnerability exists in spaceLYnk (all versions before 22019-09-17
CVE-2019-6832 (HIGH CVSS 8.3) | A CWE-287: Authentication vulnerabi | cvebase.io