Authentication bypass in XPS-Qx and XPS-Cx - CVE-2017-7919
Published: June 28, 2017
Vulnerability identifier: #VU7214
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-7919
CWE-ID: CWE-287
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Newport
Affected software:
XPS-Qx
XPS-Cx
XPS-Qx
XPS-Cx
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass authentication on the target system.
The weakness exists due to improper authentication. A remote attacker can access a specific uniform resource locator (URL), bypass authentication and view and edit settings.
Successful exploitation of the vulnerability may result in access to the system.
The weakness exists due to improper authentication. A remote attacker can access a specific uniform resource locator (URL), bypass authentication and view and edit settings.
Successful exploitation of the vulnerability may result in access to the system.
How to mitigate CVE-2017-7919
Install update from vendor's website.