Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can use the SOAP API to retrieve and change sensitive configuration items such as the usernames and passwords for the Web and FTP servers. This vulnerability does not affect the i.LON 600 product.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSA-18-200-03 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2018-07-19T00:00:00
Updated: 2018-07-24T16:57:01
Reserved: 2018-05-01T00:00:00
Link: CVE-2018-10627
JSON object: View
NVD Information
Status : Modified
Published: 2018-07-24T17:29:00.260
Modified: 2019-10-09T23:32:57.040
Link: CVE-2018-10627
JSON object: View
Redhat Information
No data.
CWE