Lucene search

[email protected]CVE-2014-2379

HistorySep 05, 2014 - 5:55 p.m.

CVE-2014-2379

2014-09-0517:55:06

CWE-310

[email protected]

web.nvd.nist.gov

sensys networks

vsn240-f

vsn240-t

sensors

vds

encryption

vulnerability

wireless network

5.4 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.1%

JSON

Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do not use encryption, which allows remote attackers to interfere with traffic control by replaying transmissions on a wireless network.

Affected configurations

NVD

Node

sensysnetworkstrafficdotRange≤2.10.2

sensysnetworkstrafficdotMatch2.8.3

sensysnetworkstrafficdotMatch2.10.0

sensysnetworkstrafficdotMatch2.10.1

AND

sensysnetworksvsn240-fMatch-

sensysnetworksvsn240-tMatch-

Node

sensysnetworksvdsRange≤2.10.0

sensysnetworksvdsMatch1.8.5

sensysnetworksvdsMatch1.8.7

sensysnetworksvdsMatch2.6.3

sensysnetworksvdsMatch2.6.4

AND

sensysnetworksvsn240-fMatch-

sensysnetworksvsn240-tMatch-

CPENameOperatorVersion
sensysnetworks:trafficdotsensysnetworks trafficdotle2.10.2
sensysnetworks:trafficdotsensysnetworks trafficdoteq2.8.3
sensysnetworks:trafficdotsensysnetworks trafficdoteq2.10.0
sensysnetworks:trafficdotsensysnetworks trafficdoteq2.10.1
sensysnetworks:vsn240-fsensysnetworks vsn240-feq-
sensysnetworks:vsn240-tsensysnetworks vsn240-teq-

CPE	Name	Operator	Version
sensysnetworks:trafficdot	sensysnetworks trafficdot	le	2.10.2
sensysnetworks:trafficdot	sensysnetworks trafficdot	eq	2.8.3
sensysnetworks:trafficdot	sensysnetworks trafficdot	eq	2.10.0
sensysnetworks:trafficdot	sensysnetworks trafficdot	eq	2.10.1
sensysnetworks:vsn240-f	sensysnetworks vsn240-f	eq	-
sensysnetworks:vsn240-t	sensysnetworks vsn240-t	eq	-