Early Access — Mondoo Vulnerability Intelligence is currently in preview.
As the service interaction is performed without authentication, an attacker with some knowledge of the protocol could obtain information about the charger via OCPP v1.6.
Exploitability
AV:AAC:LAT:NPR:NUI:NVulnerable System
VC:LVI:NVA:NSubsequent System
SC:NSI:NSA:N5.3/CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:NOther