Vulnerability Description
In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Iceqube | Thermal Management Center Firmware | < 4.13 |
| Iceqube | Thermal Management Center | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/105303Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/105303Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-249-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2017-14026?
CVE-2017-14026 is a vulnerability with a CVSS score of 7.5 (HIGH). In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information.
How severe is CVE-2017-14026?
CVE-2017-14026 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-14026?
Check the references section above for vendor advisories and patch information. Affected products include: Iceqube Thermal Management Center Firmware, Iceqube Thermal Management Center.