Lucene search

[email protected]CVE-2014-0361

HistoryApr 21, 2014 - 10:55 p.m.

CVE-2014-0361

2014-04-2122:55:00

CWE-310

[email protected]

web.nvd.nist.gov

ibm

ibm 4690 os

toshiba global commerce solutions

4690 pos

security vulnerability

adxcrypt

password hashing

nvd

cve-2014-0361

6 Medium

AI Score

Confidence

Low

3 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:S/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

10.0%

JSON

The default configuration of IBM 4690 OS, as used in Toshiba Global Commerce Solutions 4690 POS and other products, hashes passwords with the ADXCRYPT algorithm, which makes it easier for context-dependent attackers to obtain sensitive information via unspecified cryptanalysis of an ADXCSOUF.DAT file.

CPENameOperatorVersion
toshibacommerce:4690_point_of_sale_operating_systemtoshibacommerce 4690 point of sale operating systemeq6.4
toshibacommerce:4690_point_of_sale_operating_systemtoshibacommerce 4690 point of sale operating systemeq6.2
toshibacommerce:4690_point_of_sale_operating_systemtoshibacommerce 4690 point of sale operating systemeq6.3

CPE	Name	Operator	Version
toshibacommerce:4690_point_of_sale_operating_system	toshibacommerce 4690 point of sale operating system	eq	6.4
toshibacommerce:4690_point_of_sale_operating_system	toshibacommerce 4690 point of sale operating system	eq	6.2
toshibacommerce:4690_point_of_sale_operating_system	toshibacommerce 4690 point of sale operating system	eq	6.3

References

www-01.ibm.com/support/docview.wss?uid=pos1R1005054

www.kb.cert.org/vuls/id/622950

6 Medium

AI Score

Confidence

Low

3 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:S/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

10.0%

JSON

Related for CVE-2014-0361

prion1 cvelist1 cert1