CVE Vulnerabilities

CVE-2014-2717

Published: Jul 24, 2014 | Modified: Jul 25, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.6 HIGH
AV:N/AC:H/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to bypass authentication and obtain administrative access by visiting the change-password page.

Affected Software

Name Vendor Start Version End Version
Falcon_xlweb_linux_controller Honeywell * 2.04.01 (including)
Falcon_xlweb_xlwebexe Honeywell * 2.02.11 (including)

References