Lucene search
MitreCVE-2012-4577HistoryAug 21, 2012 - 6:55 p.m.
CVE-2012-4577
2012-08-2118:55:01
CWE-255
mitre
web.nvd.nist.gov
31
linux firmware
korenix jetport
oring
din-rail
serial-device servers
hardcoded password
root account
remote attackers
administrative access
ssh
cve-2012-4577
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.2
Confidence
Low
EPSS
0.011
Percentile
84.2%
The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of “password” for the root account, which allows remote attackers to obtain administrative access via an SSH session.
Affected configurations
Node
korenixjetportMatch5601
ORkorenixjetportMatch5601f
ORkorenixjetportMatch5604
ORkorenixjetportMatch5604i
Related
prion
prion
Hardcoded credentials
2012-08-21 18:55:00
ics
ics
Korenix Jetport 5600 Series Hard-coded Credentials
2018-09-05 12:00:00
nvd
nvd
CVE-2012-4577
2012-08-21 18:55:01
cvelist
cvelist
CVE-2012-4577
2012-08-21 18:00:00
nessus
nessus
Default Password (password) for 'root' Account
2007-03-01 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.2
Confidence
Low
EPSS
0.011
Percentile
84.2%
Related for CVE-2012-4577