Описание
Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions sends the NIS password map (passwd.nis) as a file attachment in diagnostic e-mail messages, which allows remote attackers to obtain the cleartext NIS password hashes.
Ссылки
- Mailing ListThird Party Advisory
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:procom:netforce_800_firmware:4.02:m10:*:*:*:*:*:*
cpe:2.3:h:procom:netforce_800:-:*:*:*:*:*:*:*
EPSS
Процентиль: 64%
0.0047
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-319
Связанные уязвимости
CVSS3: 7.5
github
почти 4 года назад
Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions sends the NIS password map (passwd.nis) as a file attachment in diagnostic e-mail messages, which allows remote attackers to obtain the cleartext NIS password hashes.
EPSS
Процентиль: 64%
0.0047
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-319