Vulnerability Details : CVE-2016-5786
An issue was discovered in OmniMetrix OmniView, Version 1.2. The OmniView web application transmits credentials with the HTTP protocol, which could be sniffed by an attacker that may result in the compromise of account credentials.
Vulnerability category: Information leak
Products affected by CVE-2016-5786
- cpe:2.3:a:omnimetrix:omniview:1.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-5786
0.46%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 61 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-5786
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
|
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2016-5786
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-5786
-
http://www.securityfocus.com/bid/94937
OmniView ICSA-16-350-02 Multiple Information Disclosure VulnerabilitiesVDB Entry;Third Party Advisory
-
https://ics-cert.us-cert.gov/advisories/ICSA-16-350-02
OmniMetrix OmniView Vulnerabilities | CISAMitigation;Third Party Advisory;US Government Resource
Jump to