exploitDog

CVE-2022-36307

Опубликовано: 16 авг. 2022

Источник: nvd

CVSS3: 6.8

EPSS Низкий

Описание

The AirVelocity 1500 prints SNMP credentials on its physically accessible serial port during boot. This was fixed in AirVelocity 1500 software version 15.18.00.2511 and may affect other AirVelocity and AirSpeed models.

Ссылки

https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-8j75-qh6c-wpc5
Third Party Advisory
https://helpdesk.airspan.com/browse/TRN3-1693
Permissions Required
Vendor Advisory
https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-8j75-qh6c-wpc5
Third Party Advisory
https://helpdesk.airspan.com/browse/TRN3-1693
Permissions Required
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:airspan:airvelocity_1500_firmware:*:*:*:*:*:*:*:*

Версия от 9.3.0.01249 (включая) до 15.18.00.2511 (включая)

cpe:2.3:h:airspan:airvelocity_1500:-:*:*:*:*:*:*:*

EPSS

Процентиль: 34%

0.00139

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-522

CWE-522

EPSS

Процентиль: 34%

0.00139

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-522

CWE-522