Vulnerabilities > CVE-2019-7272 - Missing Authorization vulnerability in Optergy Enterprise and Proton

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
optergy
CWE-862
exploit available

Summary

Optergy Proton/Enterprise devices allow Username Disclosure.

Vulnerable Configurations

Part Description Count
Application
Optergy
2

Common Weakness Enumeration (CWE)

Exploit-Db

idEDB-ID:47640
last seen2019-11-13
modified2019-11-12
published2019-11-12
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/47640
titleOptergy 2.3.0a - Username Disclosure

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/155259/ar-2019-008-1.txt
idPACKETSTORM:155259
last seen2019-11-14
published2019-11-12
reporterLiquidWorm
sourcehttps://packetstormsecurity.com/files/155259/Optergy-BMS-2.0.3a-Account-Reset-Username-Disclosure.html
titleOptergy BMS 2.0.3a Account Reset / Username Disclosure