CVE-2015-3949

EUVD-2015-3980
Sinapsi eSolar Light with firmware before 2.0.3970_schsl_2.2.85 allows attackers to discover cleartext passwords by reading the HTML source code of the mail-configuration page.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
sinapsiesolar_light_firmware
𝑥
≤ 2.0.3970
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/75100
https://ics-cert.us-cert.gov/advisories/ICSA-15-160-02
http://www.securityfocus.com/bid/75100
https://ics-cert.us-cert.gov/advisories/ICSA-15-160-02