Vulnerabilities > CVE-2016-0865 - Credentials Management vulnerability in Tollgrade Smartgrid Lighthouse Sensor Management System 4.1.0/5.0

047910
CVSS 9.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
tollgrade
CWE-255
critical

Summary

Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software EMS before 5.1, and 4.1.0 Build 16, allows remote authenticated users to change arbitrary passwords via unspecified vectors.

Common Weakness Enumeration (CWE)