CVE-2016-4494

Properties

Published:
08.06.2016
Updated:
10.06.2016
Patch available:
Severity:
Medium
CVSS vector:
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Product:
kmc_controls: bac-5051e_firmware

Vulnerability description

Cross-site request forgery (CSRF) vulnerability on KMC Controls BAC-5051E devices with firmware before E0.2.0.2 allows remote attackers to hijack the authentication of unspecified victims for requests that disclose the contents of a configuration file.

References:

MISC:https://ics-cert.us-cert.gov/advisories/ICSA-16-126-01