Lucene search

[email protected]CVE-2009-4463

HistoryDec 30, 2009 - 8:00 p.m.

CVE-2009-4463

2009-12-3020:00:01

CWE-255

[email protected]

web.nvd.nist.gov

cve-2009-4463

intellicom

netbiter

webscada

default passwords

hicp

remote attackers

denial of service

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.3 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

84.9%

JSON

Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product’s installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords.

Affected configurations

NVD

Node

intellicomnetbiter_webscada_firmwareMatch3.11.0

intellicomnetbiter_webscada_firmwareMatch3.11.1

intellicomnetbiter_webscada_firmwareMatch3.11.2

intellicomnetbiter_webscada_firmwareMatch3.12.4

intellicomnetbiter_webscada_firmwareMatch3.12.6

intellicomnetbiter_webscada_firmwareMatch3.13.0beta

intellicomnetbiter_webscada_firmwareMatch3.13.1

intellicomnetbiter_webscada_firmwareMatch3.13.2

intellicomnetbiter_webscada_firmwareMatch3.20.0

intellicomnetbiter_webscada_firmwareMatch3.30.0

intellicomnetbiter_webscada_firmwareMatch3.30.1

intellicomnetbiter_webscada_firmwareMatch3.30.2b184

AND

intellicomnetbiter_webscada_ws100

intellicomnetbiter_webscada_ws200

CPENameOperatorVersion
intellicom:netbiter_webscada_firmwareintellicom netbiter webscada firmwareeq3.11.0
intellicom:netbiter_webscada_firmwareintellicom netbiter webscada firmwareeq3.11.1
intellicom:netbiter_webscada_firmwareintellicom netbiter webscada firmwareeq3.11.2
intellicom:netbiter_webscada_firmwareintellicom netbiter webscada firmwareeq3.12.4
intellicom:netbiter_webscada_firmwareintellicom netbiter webscada firmwareeq3.12.6
intellicom:netbiter_webscada_firmwareintellicom netbiter webscada firmwareeq3.13.0
intellicom:netbiter_webscada_firmwareintellicom netbiter webscada firmwareeq3.13.1
intellicom:netbiter_webscada_firmwareintellicom netbiter webscada firmwareeq3.13.2
intellicom:netbiter_webscada_firmwareintellicom netbiter webscada firmwareeq3.20.0
intellicom:netbiter_webscada_firmwareintellicom netbiter webscada firmwareeq3.30.0

CPE	Name	Operator	Version
intellicom:netbiter_webscada_firmware	intellicom netbiter webscada firmware	eq	3.11.0
intellicom:netbiter_webscada_firmware	intellicom netbiter webscada firmware	eq	3.11.1
intellicom:netbiter_webscada_firmware	intellicom netbiter webscada firmware	eq	3.11.2
intellicom:netbiter_webscada_firmware	intellicom netbiter webscada firmware	eq	3.12.4
intellicom:netbiter_webscada_firmware	intellicom netbiter webscada firmware	eq	3.12.6
intellicom:netbiter_webscada_firmware	intellicom netbiter webscada firmware	eq	3.13.0
intellicom:netbiter_webscada_firmware	intellicom netbiter webscada firmware	eq	3.13.1
intellicom:netbiter_webscada_firmware	intellicom netbiter webscada firmware	eq	3.13.2
intellicom:netbiter_webscada_firmware	intellicom netbiter webscada firmware	eq	3.20.0
intellicom:netbiter_webscada_firmware	intellicom netbiter webscada firmware	eq	3.30.0

Rows per page:

1-10 of 141

References

blog.48bits.com/?p=781

reversemode.com/index.php?option=com_content&task=view&id=65&Itemid=1

support.intellicom.se/getfile.cfm?FID=151

www.kb.cert.org/vuls/id/902793

www.osvdb.org/61506

www.securityfocus.com/archive/1/508449/100/0/threaded

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.3 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

84.9%

JSON

Related for CVE-2009-4463

prion5 cert1 nvd5 cvelist5 cve4