exploitDog

CVE-2018-11742

Опубликовано: 26 дек. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 5

EPSS Средний

Описание

NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI.

Ссылки

http://hyp3rlinx.altervista.org/advisories/NEC-UNIVERGE-WEBPRO-v6.00-PREDICTABLE-SESSIONID-CLEARTEXT-PASSWORDS.txt
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/150610/NEC-Univerge-Sv9100-WebPro-6.00.00-Predictable-Session-ID-Cleartext-Passwords.html
Exploit
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2018/Dec/1
Exploit
Mailing List
Third Party Advisory
https://www.exploit-db.com/exploits/45942/
Exploit
Third Party Advisory
VDB Entry
http://hyp3rlinx.altervista.org/advisories/NEC-UNIVERGE-WEBPRO-v6.00-PREDICTABLE-SESSIONID-CLEARTEXT-PASSWORDS.txt
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/150610/NEC-Univerge-Sv9100-WebPro-6.00.00-Predictable-Session-ID-Cleartext-Passwords.html
Exploit
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2018/Dec/1
Exploit
Mailing List
Third Party Advisory
https://www.exploit-db.com/exploits/45942/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:nec:univerge_sv9100_webpro_firmware:6.00.00:*:*:*:*:*:*:*

cpe:2.3:h:nec:univerge_sv9100_webpro:-:*:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.40921

Средний

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-522

Связанные уязвимости

GHSA-3wgg-cmh5-mrf4

CVSS3: 9.8

github

больше 3 лет назад

NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI.

EPSS

Процентиль: 97%

0.40921

Средний

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-522