Описание
The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 6.8 (включая)
Одно из
cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*
cpe:2.3:o:windriver:vxworks:5:*:*:*:*:*:*:*
cpe:2.3:o:windriver:vxworks:5.5:*:*:*:*:*:*:*
cpe:2.3:o:windriver:vxworks:6:*:*:*:*:*:*:*
cpe:2.3:o:windriver:vxworks:6.4:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.0156
Низкий
7.8 High
CVSS2
Дефекты
CWE-310
Связанные уязвимости
github
больше 3 лет назад
The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.
EPSS
Процентиль: 81%
0.0156
Низкий
7.8 High
CVSS2
Дефекты
CWE-310