Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:basystems:isc2000_firmware:01.01.00:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2017-17974 |
BA SYSTEMS BAS Web on BAS920 devices (with Firmware 01.01.00*, HTTPserv 00002, and Script 02.*) and ISC2000 devices allows remote attackers to obtain sensitive information via a request for isc/get_sid_js.aspx or isc/get_sid.aspx, as demonstrated by obtaining administrative access by subsequently using the credential information for the Supervisor/Administrator account. Published: December 29, 2017; 4:29:00 PM -0500 |
V3.0: 9.8 CRITICAL V2.0: 5.0 MEDIUM |