exploitDog

CVE-2018-14708

Опубликовано: 03 дек. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

An insecure transport protocol used by Drobo Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to intercept network traffic.

Ссылки

https://blog.securityevaluators.com/call-me-a-doctor-new-vulnerabilities-in-drobo5n2-4f1d885df7fc
Exploit
Third Party Advisory
https://blog.securityevaluators.com/call-me-a-doctor-new-vulnerabilities-in-drobo5n2-4f1d885df7fc
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:drobo:5n2_firmware:4.0.5-13.28.96115:*:*:*:*:*:*:*

cpe:2.3:h:drobo:5n2:-:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00482

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-28r9-4273-pm3w

CVSS3: 9.8

github

больше 3 лет назад

An insecure transport protocol used by Drobo Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to intercept network traffic.

EPSS

Процентиль: 64%

0.00482

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-287