Lucene search
FacebookCVE-2022-36307HistoryAug 16, 2022 - 1:15 a.m.
CVE-2022-36307
2022-08-1601:15:13
CWE-522
facebook
web.nvd.nist.gov
39
5
cve-2022-36307
airvelocity
snmp credentials
security vulnerability
nvd
CVSS3
6.8
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
6.6
Confidence
High
EPSS
0.001
Percentile
29.7%
The AirVelocity 1500 prints SNMP credentials on its physically accessible serial port during boot. This was fixed in AirVelocity 1500 software version 15.18.00.2511 and may affect other AirVelocity and AirSpeed models.
Affected configurations
Node
airspanairvelocity_1500Match-
airspanairvelocity_1500_firmwareRange9.3.0.01249–15.18.00.2511
| Vendor | Product | Version | CPE |
|---|---|---|---|
| airspan | airvelocity_1500 | - | cpe:2.3:h:airspan:airvelocity_1500:-:*:*:*:*:*:*:* |
| airspan | airvelocity_1500_firmware | * | cpe:2.3:o:airspan:airvelocity_1500_firmware:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "AirVelocity",
"vendor": "Airspan",
"versions": [
{
"lessThan": "15.18.00.2511",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
prion
prion
Design/Logic Flaw
2022-08-16 01:15:00
nvd
nvd
CVE-2022-36307
2022-08-16 01:15:13
cvelist
cvelist
CVE-2022-36307
2022-08-16 00:32:34
CVSS3
6.8
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
6.6
Confidence
High
EPSS
0.001
Percentile
29.7%
Related for CVE-2022-36307