exploitDog

CVE-2014-5334

Опубликовано: 08 янв. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Средний

Описание

FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privileges by leveraging a WebGui login.

Ссылки

http://www.openwall.com/lists/oss-security/2014/08/19/2
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/69249
Third Party Advisory
VDB Entry
https://bugs.freenas.org/issues/5844
Issue Tracking
Third Party Advisory
http://www.openwall.com/lists/oss-security/2014/08/19/2
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/69249
Third Party Advisory
VDB Entry
https://bugs.freenas.org/issues/5844
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:freenas:freenas:*:*:*:*:*:*:*:*

Версия до 9.2.1.7 (включая)

cpe:2.3:a:freenas:freenas:9.3:m1:*:*:*:*:*:*

cpe:2.3:a:freenas:freenas:9.3:m2:*:*:*:*:*:*

cpe:2.3:a:freenas:freenas:9.3:m3:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.11464

Средний

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-254

Связанные уязвимости

GHSA-p7rr-v8fr-7jgw

CVSS3: 9.8

github

больше 3 лет назад

FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privileges by leveraging a WebGui login.

EPSS

Процентиль: 93%

0.11464

Средний

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-254