What is GHSA-v23f-q7r3-x5cj?

GHSA-v23f-q7r3-x5cj is a security advisory published by GitHub Security Advisories with Medium severity. Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a...

Which CVE IDs does GHSA-v23f-q7r3-x5cj cover?

GHSA-v23f-q7r3-x5cj covers the following CVE IDs: CVE-2019-10990. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-v23f-q7r3-x5cj?

GHSA-v23f-q7r3-x5cj has a CVSS v3 base score of 6.5, published by GitHub Security Advisories.

GHSA-v23f-q7r3-x5cjMediumCVSS 6.5

Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a...

Vendor

GitHub Security Advisories

Published

May 24, 2022

Last Modified

June 2, 2026

🔗 CVE IDs covered (1)

CVE-2019-10990 →

📋 Description

Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protected files in transit and at rest, which may allow an attacker to access configuration files.

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2019-10990
https://www.us-cert.gov/ics/advisories/icsa-19-248-01
https://github.com/advisories/GHSA-v23f-q7r3-x5cj