CVE-2015-7914

EUVD-2015-7812
Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote attackers to bypass authentication by leveraging knowledge of a password hash without knowledge of the associated password.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
Affected Products (NVD)
VendorProductVersion
sautermoduweb_vision
𝑥
≤ 1.5.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://seclists.org/fulldisclosure/2016/Feb/25
https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01
http://seclists.org/fulldisclosure/2016/Feb/25
https://ics-cert.us-cert.gov/advisories/ICSA-16-033-01