Lucene search

K
cve[email protected]CVE-2008-1431
HistoryMar 20, 2008 - 6:44 p.m.

CVE-2008-1431

2008-03-2018:44:00
CWE-310
web.nvd.nist.gov
21
raidsonic
nas-4220-b
firmware
encryption
key
vulnerability
nvd
cve-2008-1431

6.2 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

RaidSonic NAS-4220-B with 2.6.0-n(2007-10-11) firmware stores a partition encryption key in an unencrypted /system/.crypt file with base64 encoding, which allows local users to obtain the key.

Affected configurations

NVD
Node
raidsonic_technologyfirmwareMatch2.6.0-n
AND
raidsonic_technologynas-4220-bMatch2.6.0-n

6.2 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

Related for CVE-2008-1431