Lucene search
CertccCVE-2014-0326HistoryAug 17, 2014 - 11:55 p.m.
CVE-2014-0326
2014-08-1723:55:04
certcc
web.nvd.nist.gov
20
cve-2014-0326
security
iridium
satellite terminals
hardcoded credentials
web interface
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.8
Confidence
Low
EPSS
0.005
Percentile
76.6%
The Pilot Below Deck Equipment (BDE) and OpenPort implementations on Iridium satellite terminals allow remote attackers to read hardcoded credentials via the web interface.
Affected configurations
Node
iridiumopen_portMatch-
ORiridiumpilot_below_deck_equipmentMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| iridium | open_port | - | cpe:2.3:h:iridium:open_port:-:*:*:*:*:*:*:* |
| iridium | pilot_below_deck_equipment | - | cpe:2.3:h:iridium:pilot_below_deck_equipment:-:*:*:*:*:*:*:* |
References
Related
prion
prion
Hardcoded credentials
2014-08-17 23:55:00
cvelist
cvelist
CVE-2014-0326
2014-08-17 23:00:00
nvd
nvd
CVE-2014-0326
2014-08-17 23:55:04
cert
cert
Iridium Pilot and OpenPort contain multiple vulnerabilities
2014-08-07 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.8
Confidence
Low
EPSS
0.005
Percentile
76.6%
Related for CVE-2014-0326