Required CVE Record Information
Description
Delta Electronics DIAEnergie (Version 1.7.5 and prior) is vulnerable to cleartext transmission as the web application runs by default on HTTP. This could allow an attacker to remotely read transmitted information between the client and product.
CVSS 1 Total
| Score | Severity | Version | Vector String |
|---|---|---|---|
| 7.1 | HIGH | 3.1 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N |
Credits
- Michael Heinzl reported these vulnerabilities to CISA.
References 1 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.