Lucene search
MitreCVE-2014-9408HistoryDec 19, 2014 - 3:59 p.m.
CVE-2014-9408
2014-12-1915:59:34
CWE-200
mitre
web.nvd.nist.gov
24
cve-2014-9408
ekahau
b4 staff badge
firmware 1.4.52
real-time location system
rtls
controller 6.0.5-final
activator 3
mac address
rc4 setup key
remote attack
brute-force defense
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.9
Confidence
Low
EPSS
0.005
Percentile
75.9%
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 uses part of the MAC address as part of the RC4 setup key, which makes it easier for remote attackers to guess the key via a brute-force attack.
Affected configurations
Node
ekahauactivatorMatch3
Node
ekahaureal-time_location_system_controllerMatch6.0.5-final
Node
ekahaub4_staff_badge_tag_firmwareMatch1.4.52
ekahaub4_staff_badge_tagMatch5.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ekahau | activator | 3 | cpe:2.3:a:ekahau:activator:3:*:*:*:*:*:*:* |
| ekahau | real-time_location_system_controller | 6.0.5-final | cpe:2.3:a:ekahau:real-time_location_system_controller:6.0.5-final:*:*:*:*:*:*:* |
| ekahau | b4_staff_badge_tag_firmware | 1.4.52 | cpe:2.3:a:ekahau:b4_staff_badge_tag_firmware:1.4.52:*:*:*:*:*:*:* |
| ekahau | b4_staff_badge_tag | 5.7 | cpe:2.3:h:ekahau:b4_staff_badge_tag:5.7:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2014-9408
2014-12-19 15:59:34
cvelist
cvelist
CVE-2014-9408
2014-12-19 15:00:00
prion
prion
Code injection
2014-12-19 15:59:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.9
Confidence
Low
EPSS
0.005
Percentile
75.9%
Related for CVE-2014-9408