Session Token Vulnerability in Janitza UMG Devices by Janitza
CVE-2015-3973

Currently unrated

Key Information:

Vendor: Janitza
Status: Umg 508; Umg 509; Umg 604; Umg 605
Vendor: CVE Published:; 28 October 2015

What is CVE-2015-3973?

Janitza UMG 508, 509, 511, 604, and 605 devices have a vulnerability in the way they generate session tokens, allowing attackers to potentially compute session-token values. This flaw could lead to the exposure of sensitive information, such as user PINs, putting these devices at risk of unauthorized access.

References

https://ics-cert.us-cert.gov/advisories/ICSA-15-265-03

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 28, 2015
Vulnerability Reserved
May 12, 2015

CVE-2015-3973 Data

JSON