Lucene search
HistoryAug 15, 2014 - 11:15 a.m.
CVE-2014-2964
cobham aviator
700d
700e
hardcoded passwords
privilege escalation
nvd
cve-2014-2964
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.2 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.5%
Cobham Aviator 700D and 700E satellite terminals have hardcoded passwords for the (1) debug, (2) prod, (3) do160, and (4) flrp programs, which allows physically proximate attackers to gain privileges by sending a password over a serial line.
Affected configurations
Node
cobhamaviator_700dMatch-
ORcobhamaviator_700eMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| cobham:aviator_700d | cobham aviator 700d | eq | - |
| cobham:aviator_700e | cobham aviator 700e | eq | - |
References
Related
prion
prion
Hardcoded credentials
2014-08-15 11:15:00
cvelist
cvelist
CVE-2014-2964
2014-08-15 10:00:00
nvd
nvd
CVE-2014-2964
2014-08-15 11:15:43
cert
cert
Cobham Aviator satellite terminals contain multiple vulnerabilities
2014-08-07 00:00:00
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.2 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.5%
Related for CVE-2014-2964