CVE-2019-11894
5.7
CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
A potential improper access control vulnerability exists in the backup mechanism of the Bosch Smart Home Controller (SHC) before 9.8.905 that may result in unauthorized download of a backup. In order to exploit the vulnerability, the adversary needs to download the backup directly after a backup triggered by a legitimate user has been completed.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Bosch | Smart Home Controller | unspecified < 9.8.905 | affected |
Weaknesses
- CWE-284: CWE-284 Improper Access Control
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.