CVE-2016-0862: Infoleak
First published: Fri Feb 05 2016(Updated: )
General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to obtain sensitive cleartext account information via unspecified vectors.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ge Snmp\/web Adapter Firmware | <=4.7 | |
| Ge Snmp\/web Adapter 1024746 | ||
| Ge Snmp\/web Adapter 1024747 | ||
| Ge Snmp\/web Adapter 1024748 | ||
| Ge Snmp\/web Adapter 1024921 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://apps.geindustrial.com/publibrary/checkout/Application%20and%20Technical%7CGEIS_SNMP%7CPDF&filename=GEIS_SNMP.pdf
- http://packetstormsecurity.com/files/135586/GE-Industrial-Solutions-UPS-SNMP-Adapter-Command-Injection.html
- http://seclists.org/fulldisclosure/2016/Feb/21
- https://ics-cert.us-cert.gov/advisories/ICSA-16-033-02
- https://www.exploit-db.com/exploits/39408/
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ge
- canonical/ge snmp\/web adapter firmware
- version/ge snmp\/web adapter firmware/4.7
- canonical/ge snmp\/web adapter 1024746
- canonical/ge snmp\/web adapter 1024747
- canonical/ge snmp\/web adapter 1024748
- canonical/ge snmp\/web adapter 1024921