Vulnerabilities > CVE-2019-13988 - Unspecified vulnerability in Sierrawireless Mgos
Attack vector
ADJACENT_NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE low complexity
sierrawireless
Summary
Sierra Wireless MGOS before 3.15.2 and 4.x before 4.3 allows attackers to read log files via a Direct Request (aka Forced Browsing).
Vulnerable Configurations
References
- https://source.sierrawireless.com/-/media/support_downloads/security-bulletins/pdf/swi-psa-2020-006---mgos-security-update.ashx
- https://source.sierrawireless.com/-/media/support_downloads/security-bulletins/pdf/swi-psa-2020-006---mgos-security-update.ashx
- https://www.sierrawireless.com/company/security/
- https://www.sierrawireless.com/company/security/