CVE-2019-6837
N/A
N/A
Summary
A Server-Side Request Forgery (SSRF): CWE-918 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could cause server configuration data to be exposed when an attacker modifies a URL.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| CVE-2019-6837 | U.motion Server | MEG6501-0001 - U.motion KNX server | affected |
| CVE-2019-6837 | U.motion Server | MEG6501-0002 - U.motion KNX Server Plus | affected |
| CVE-2019-6837 | U.motion Server | MEG6260-0410 - U.motion KNX Server Plus | affected |
| CVE-2019-6837 | U.motion Server | Touch 10 | affected |
| CVE-2019-6837 | U.motion Server | MEG6260-0415 - U.motion KNX Server Plus | affected |
| CVE-2019-6837 | U.motion Server | Touch 15 | affected |
Weaknesses
- CWE-918: Server-Side Request Forgery (SSRF): CWE-918
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.