CVE-2017-13992

An Insufficient Entropy issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not utilize sufficiently random number generation for the web interface authentication mechanism, which could allow remote code execution.
References
Link Resource
http://www.securityfocus.com/bid/100847 Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-17-257-01 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:loytec:lvis-3me_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:loytec:lvis-3me:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-10-05 21:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-13992

Mitre link : CVE-2017-13992

CVE.ORG link : CVE-2017-13992


JSON object : View

Products Affected

loytec

  • lvis-3me
  • lvis-3me_firmware
CWE
CWE-331

Insufficient Entropy