5
CVSSv2

CVE-2019-10849

Published: 23/05/2019 Updated: 12/11/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Computrols CBAS Web could allow a remote malicious user to obtain sensitive information, caused by lacking protection in subversion directory. A remote attacker could exploit this vulnerability to obtain sensitive information.

Vulnerability Trend

Affected Products

Exploits

# Exploit Title: CBAS-Web 1900 - Information Disclosure # Google Dork: NA # Date: 2019-11-11 # Exploit Author: LiquidWorm # Vendor Homepage: wwwcomputrolscom/capabilities-cbas-web/ # Software Link: wwwcomputrolscom/building-automation-software/ # Version: 1900 # Tested on: NA # CVE : CVE-2019-10849 # Advisory: applie ...

Mailing Lists

Computrols CBAS-Web versions 1900 and below suffer from an information disclosure vulnerability ...