Vulnerability Description
Information disclosure via error message discrepancies in authentication functions in Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to enumerate valid usernames.
CVSS Score
5.3
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Blaauwproducts | Remote Kiln Control | < 3.0.0 |
Related Weaknesses (CWE)
References
- https://github.com/lodestone-security/CVEs/blob/master/remote_kiln_control/an_unExploitThird Party Advisory
- https://lodestonesecurity.comNot Applicable
- https://github.com/lodestone-security/CVEs/blob/master/remote_kiln_control/an_unExploitThird Party Advisory
- https://lodestonesecurity.comNot Applicable
FAQ
What is CVE-2019-18865?
CVE-2019-18865 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Information disclosure via error message discrepancies in authentication functions in Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to enumerate valid usernames.
How severe is CVE-2019-18865?
CVE-2019-18865 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-18865?
Check the references section above for vendor advisories and patch information. Affected products include: Blaauwproducts Remote Kiln Control.