Lucene search
CertccCVE-2014-2950HistoryJul 14, 2014 - 9:55 p.m.
CVE-2014-2950
2014-07-1421:55:05
certcc
web.nvd.nist.gov
22
cve-2014-2950
datum systems
snip
psm-500
psm-4500
ftp
authentication
remote attack
sensitive information
nvd
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
6.7
Confidence
Low
EPSS
0.005
Percentile
75.8%
Datum Systems SnIP on PSM-500 and PSM-4500 devices does not require authentication for FTP sessions, which allows remote attackers to obtain sensitive information via RETR commands.
Affected configurations
Node
datumsystemssnipMatch-psm-4500
ORdatumsystemssnipMatch-psm-500
| Vendor | Product | Version | CPE |
|---|---|---|---|
| datumsystems | snip | - | cpe:2.3:o:datumsystems:snip:-:*:*:*:*:*:psm-4500:* |
| datumsystems | snip | - | cpe:2.3:o:datumsystems:snip:-:*:*:*:*:*:psm-500:* |
References
Related
nvd
nvd
CVE-2014-2950
2014-07-14 21:55:05
prion
prion
Authentication flaw
2014-07-14 21:55:00
cvelist
cvelist
CVE-2014-2950
2014-07-14 21:00:00
openvas
openvas
Datum Systems Satellite Modem Multiple Vulnerabilities
2014-07-30 00:00:00
cert
cert
Datum Systems satellite modem devices contain multiple vulnerabilities
2014-07-11 00:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
AI Score
6.7
Confidence
Low
EPSS
0.005
Percentile
75.8%
Related for CVE-2014-2950