CVE-2025-2861
CVE-2025-2861
Título es
CVE-2025-2861
Vie, 28/03/2025 – 14:15
Tipo
CWE-319
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2025-2861
Descripción en
SaTECH BCU in its firmware version 2.1.3 uses the HTTP protocol. The use of the HTTP protocol for web browsing has the problem that information is exchanged in unencrypted text. Since sensitive data such as credentials are exchanged, an attacker could obtain them and log in legitimately.
28/03/2025
28/03/2025
Vector CVSS:4.0
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Gravedad 4.0
6.90
Gravedad 4.0 txt
MEDIUM
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis
Referencias
https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-arteches-satech-bcu
Enviar en el boletín
Off
