Описание
Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:kingjim:mirupass_pw10_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kingjim:mirupass_pw10:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:kingjim:mirupass_pw20_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:kingjim:mirupass_pw20:-:*:*:*:*:*:*:*
EPSS
Процентиль: 3%
0.00017
Низкий
4.6 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-311
Связанные уязвимости
github
около 4 лет назад
Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords.
EPSS
Процентиль: 3%
0.00017
Низкий
4.6 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-311