CVSS: 10.0EPSS: 0%CPEs: 14EXPL: 0CVE-2017-7928
https://notcve.org/view.php?id=CVE-2017-7928
An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories (SEL) SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may allow for unauthorized communications to downstream devices. Se ha descubierto un problema de control de acceso incorrecto en Schweitzer Engineering Laboratories (SEL) SEL-3620 y SEL-3622 Security Gateway Versiones R202 y, R203, R203-V1, R203-V2 y, R204, R204-V1. El dispositivo no aplica correctamente controles de acceso al estar configurado para el reenvío de puertos NAT, lo que podría permitir que se realizasen comunicaciones no autorizadas a dispositivos de bajada. • http://www.securityfocus.com/bid/99536 https://ics-cert.us-cert.gov/advisories/ICSA-17-192-06 • CWE-284: Improper Access Control •