Vulnerabilities > CVE-2019-18235 - Improper Restriction of Excessive Authentication Attempts vulnerability in Advantech Spectre RT Ert351 Firmware

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
advantech
CWE-307

Summary

Advantech Spectre RT ERT351 Versions 5.1.3 and prior has insufficient login authentication parameters required for the web application may allow an attacker to gain full access using a brute-force password attack.

Vulnerable Configurations

Part Description Count
OS
Advantech
1
Hardware
Advantech
1