A Missing Authentication for Critical Function issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the following software versions: older than V175, V175-V189, V191-V195, and V16Q3.1. An attacker may create an application user account to gain administrative privileges.
References
Link | Resource |
---|---|
https://ics-cert.us-cert.gov/advisories/ICSA-17-243-04 | Mitigation Third Party Advisory US Government Resource VDB Entry |
http://www.securityfocus.com/bid/100563 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Information
Published : 2017-09-08 18:29
Updated : 2019-10-09 16:23
NVD link : CVE-2017-12733
Mitre link : CVE-2017-12733
JSON object : View
CWE
CWE-306
Missing Authentication for Critical Function
Products Affected
opwglobal
- sitesentinel_integra_500
- sitesentinel_isite_atg
- sitesentinel_integra_500_firmware
- sitesentinel_integra_100
- sitesentinel_integra_100_firmware
- sitesentinel_isite_atg_firmware