Restrict access to TCP/3306 and TCP/8765. End users should make sure that Windows Firewall is enabled on the IntraVUE server, should add firewall restrictions to prevent access to the IntraVUE server from most systems on their network. Users should modify permissions on IntraVUE system directories and should monitor access to the web application for suspicious and malicious behavior.
CVSSV3 BASE / TEMPORAL SCORE
Cross-Site Request Forgery (CSRF)
Use of Hard-coded Credentials
Loss of View
Loss of Control
07/10/2019 - Dragos discloses issue