Note:
This project will be discontinued after December 13, 2021. [more]
Product:
M3_atm_monitoring_system
(Lanatmservice)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-12-10 | CVE-2020-29666 | In Lan ATMService M3 ATM Monitoring System 6.1.0, due to a directory-listing vulnerability, a remote attacker can view log files, located in /websocket/logs/, that contain a user's cookie values and the predefined developer's cookie value. | M3_atm_monitoring_system | 5.3 | ||
| 2020-12-10 | CVE-2020-29667 | In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie value, such as PHPSESSID=LANIT-IMANAGER, can achieve control over the system because of Insufficient Session Expiration. | M3_atm_monitoring_system | 9.8 |