A potential improper access control vulnerability exists in the backup mechanism of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in unauthorized download of a backup. In order to exploit the vulnerability, the adversary needs to download the backup directly after a backup triggered by a legitimate user has been completed.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: bosch

Published: 2019-05-29T20:03:48.103119Z

Updated: 2024-09-17T00:46:00.989Z

Reserved: 2019-05-13T00:00:00

Link: CVE-2019-11894

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-05-29T21:29:02.073

Modified: 2024-11-21T04:21:58.523

Link: CVE-2019-11894

cve-icon Redhat

No data.