Published: 31/08/2022 Updated: 06/09/2022

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

AutomationDirect C-more EA9 HTTP webserver uses an insecure mechanism to transport credentials from client to web server, which may allow an malicious user to obtain the login credentials and login as a valid user. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions before 6.73; EA9-T6CL-R versions before 6.73; EA9-T7CL versions before 6.73; EA9-T7CL-R versions before 6.73; EA9-T8CL versions before 6.73; EA9-T10CL versions before 6.73; EA9-T10WCL versions before 6.73; EA9-T12CL versions before 6.73; EA9-T15CL versions before 6.73; EA9-RHMI versions before 6.73; EA9-PGMSW versions before 6.73;

Vulnerable Product	Search on Vulmon	Subscribe to Product
automationdirect c-more_ea9-t6cl_firmware
automationdirect c-more_ea9-t6cl-r_firmware
automationdirect c-more_ea9-t7cl_firmware
automationdirect c-more_ea9-t7cl-r_firmware
automationdirect c-more_ea9-t8cl_firmware
automationdirect c-more_ea9-t10cl_firmware
automationdirect c-more_ea9-t10wcl_firmware
automationdirect c-more_ea9-t12cl_firmware
automationdirect c-more_ea9-t15cl_firmware
automationdirect c-more_ea9-t15cl-r_firmware
automationdirect c-more_ea9-rhmi_firmware
automationdirect c-more_ea9-pgmsw_firmware

CWE-319 https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01 https://nvd.nist.gov https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-01

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-2005

Vulnerability Summary

Vulnerability Trend

ICS Advisories

References

Vulmon Search

About

Products

Connect