An information disclosure vulnerability exists in the ACEManager authentication functionality of Sierra Wireless AirLink ES450 FW 4.9.3. The ACEManager authentication functionality is done in plaintext XML to the web server. An attacker can listen to network traffic upstream from the device to capitalize on this vulnerability.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: talos
Published: 2019-05-06T17:42:02
Updated: 2019-05-07T19:23:04
Reserved: 2018-01-02T00:00:00
Link: CVE-2018-4069
JSON object: View
NVD Information
Status : Modified
Published: 2019-05-06T18:29:00.477
Modified: 2019-05-07T20:29:01.750
Link: CVE-2018-4069
JSON object: View
Redhat Information
No data.
CWE