Описание
The S2 Security NetBox 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, uses a weak hash algorithm for storing the Administrator password, which makes it easier for context-dependent attackers to obtain privileged access by recovering the cleartext of this password.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:s2sys:netbox:2.5:*:*:*:*:*:*:*
cpe:2.3:h:s2sys:netbox:3.3:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:h:linearcorp:emerge_50:*:*:*:*:*:*:*:*
cpe:2.3:h:linearcorp:emerge_5000:*:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:h:sonitrol:eaccess:*:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00406
Низкий
10 Critical
CVSS2
Дефекты
CWE-310
Связанные уязвимости
github
больше 3 лет назад
The S2 Security NetBox 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, uses a weak hash algorithm for storing the Administrator password, which makes it easier for context-dependent attackers to obtain privileged access by recovering the cleartext of this password.
EPSS
Процентиль: 61%
0.00406
Низкий
10 Critical
CVSS2
Дефекты
CWE-310