In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser.
References
Link | Resource |
---|---|
https://www.us-cert.gov/ics/advisories/icsa-20-051-03 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2020-03-24T16:38:57
Updated: 2020-03-24T16:38:57
Reserved: 2020-01-14T00:00:00
Link: CVE-2020-6972
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-03-24T17:15:11.467
Modified: 2020-03-27T19:46:47.987
Link: CVE-2020-6972
JSON object: View
Redhat Information
No data.
CWE