Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP pages only validate when a valid connection is established with the database. However, these PHP pages do not verify the validity of a user. Attackers could leverage this lack of verification to read the state of outlets.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2022-12-21T22:29:36.679Z

Updated: 2024-08-03T01:00:10.778Z

Reserved: 2022-09-12T20:22:59.954Z

Link: CVE-2022-3187

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-12-21T23:15:09.787

Modified: 2024-11-21T07:19:00.227

Link: CVE-2022-3187

cve-icon Redhat

No data.