CVE-2014-2941

Опубликовано: 15 авг. 2014

Источник: nvd

CVSS2: 7.1

EPSS Низкий

Описание

Cobham Sailor 6000 satellite terminals have hardcoded Tbus 2 credentials, which allows remote attackers to obtain access via a TBUS2 command. NOTE: the vendor reportedly states "there is no possibility to exploit another user's credentials.

Комментарий

CWE-798: Use of Hard-coded Credentials

Ссылки

http://www.kb.cert.org/vuls/id/269991
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/269991
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:cobham:ailor_6110_mini-c_gmdss:-:*:*:*:*:*:*:*

cpe:2.3:h:cobham:sailor_6006_message_terminal:-:*:*:*:*:*:*:*

cpe:2.3:h:cobham:sailor_6222_vhf:-:*:*:*:*:*:*:*

cpe:2.3:h:cobham:sailor_6300_mf_\/_hf:-:*:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.0155

Низкий

7.1 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-pr8m-pgmq-mj9q

github

больше 3 лет назад

** DISPUTED ** Cobham Sailor 6000 satellite terminals have hardcoded Tbus 2 credentials, which allows remote attackers to obtain access via a TBUS2 command. NOTE: the vendor reportedly states "there is no possibility to exploit another user's credentials."