Vulnerability Description
A Use of Hard-Coded Password issue was discovered in Phoenix Broadband PowerAgent SC3 BMS, all versions prior to v6.87. Use of a hard-coded password may allow unauthorized access to the device.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phoenixbroadband | Poweragent Sc3 Bms Firmware | <= 6.86 |
| Phoenixbroadband | Poweragent Sc3 Bms | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/98781Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-17-152-01MitigationThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/98781Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-17-152-01MitigationThird Party AdvisoryUS Government Resource
FAQ
What is CVE-2017-6039?
CVE-2017-6039 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A Use of Hard-Coded Password issue was discovered in Phoenix Broadband PowerAgent SC3 BMS, all versions prior to v6.87. Use of a hard-coded password may allow unauthorized access to the device.
How severe is CVE-2017-6039?
CVE-2017-6039 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-6039?
Check the references section above for vendor advisories and patch information. Affected products include: Phoenixbroadband Poweragent Sc3 Bms Firmware, Phoenixbroadband Poweragent Sc3 Bms.