Vulnerability Description
DTEN D5 and D7 before 1.3.2 devices allows remote attackers to read saved whiteboard image PDF documents via storage/emulated/0/Notes/PDF on TCP port 8080 without authentication.
CVSS Score
5.3
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Dten | D5 Firmware | < 1.3.2 |
| Dten | D5 | - |
| Dten | D7 Firmware | < 1.3.2 |
| Dten | D7 | - |
Related Weaknesses (CWE)
References
- https://www.forescout.com/company/blog/dten-vulnerability/Third Party Advisory
- https://www.forescout.com/company/blog/dten-vulnerability/Third Party Advisory
FAQ
What is CVE-2019-16271?
CVE-2019-16271 is a vulnerability with a CVSS score of 5.3 (MEDIUM). DTEN D5 and D7 before 1.3.2 devices allows remote attackers to read saved whiteboard image PDF documents via storage/emulated/0/Notes/PDF on TCP port 8080 without authentication.
How severe is CVE-2019-16271?
CVE-2019-16271 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-16271?
Check the references section above for vendor advisories and patch information. Affected products include: Dten D5 Firmware, Dten D5, Dten D7 Firmware, Dten D7.