← back
CVE-2017-7928

CVE-2017-7928

EPSS 2.3%CWE-284
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 2.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
07 Aug 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories (SEL) SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may allow for unauthorized communications to downstream devices.
Affected products
n/a · Schweitzer Engineering Laboratories, Inc. SEL-3620 and SEL-3622

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://ics-cert.us-cert.gov/advisories/ICSA-17-192-06http://www.securityfocus.com/bid/99536