Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCertccCVE-2014-2940
HistoryAug 15, 2014 - 11:15 a.m.

CVE-2014-2940

2014-08-1511:15:42
certcc
web.nvd.nist.gov
31
cobham
sailor 900
sailor 6000
satellite terminals
firmware
hardcoded credentials
admin access
vulnerability
nvd
cve-2014-2940

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.002

Percentile

60.4%

JSON

Cobham Sailor 900 and 6000 satellite terminals with firmware 1.08 MFHF and 2.11 VHF have hardcoded credentials for the administrator account, which allows attackers to obtain administrative control by leveraging physical access or terminal access.

Affected configurations

Nvd
Node
cobhamsailor_900_firmwareMatch1.08_mfhf
OR
cobhamsailor_900_firmwareMatch2.11_vhf
AND
cobhamsailor_900_vsatMatch-
Node
cobhamsailor_6000_series_firmwareMatch1.08_mfhf
OR
cobhamsailor_6000_series_firmwareMatch2.11_vhf
AND
cobhamailor_6110_mini-c_gmdssMatch-
OR
cobhamsailor_6006_message_terminalMatch-
OR
cobhamsailor_6222_vhfMatch-
OR
cobhamsailor_6300_mf_\/_hfMatch-
VendorProductVersionCPE
cobhamsailor_900_firmware1.08_mfhfcpe:2.3:o:cobham:sailor_900_firmware:1.08_mfhf:*:*:*:*:*:*:*
cobhamsailor_900_firmware2.11_vhfcpe:2.3:o:cobham:sailor_900_firmware:2.11_vhf:*:*:*:*:*:*:*
cobhamsailor_900_vsat-cpe:2.3:h:cobham:sailor_900_vsat:-:*:*:*:*:*:*:*
cobhamsailor_6000_series_firmware1.08_mfhfcpe:2.3:o:cobham:sailor_6000_series_firmware:1.08_mfhf:*:*:*:*:*:*:*
cobhamsailor_6000_series_firmware2.11_vhfcpe:2.3:o:cobham:sailor_6000_series_firmware:2.11_vhf:*:*:*:*:*:*:*
cobhamailor_6110_mini-c_gmdss-cpe:2.3:h:cobham:ailor_6110_mini-c_gmdss:-:*:*:*:*:*:*:*
cobhamsailor_6006_message_terminal-cpe:2.3:h:cobham:sailor_6006_message_terminal:-:*:*:*:*:*:*:*
cobhamsailor_6222_vhf-cpe:2.3:h:cobham:sailor_6222_vhf:-:*:*:*:*:*:*:*
cobhamsailor_6300_mf_\/_hf-cpe:2.3:h:cobham:sailor_6300_mf_\/_hf:-:*:*:*:*:*:*:*

Related

prion 1
cert 1
nvd 1
cvelist 1
prion
prion
Hardcoded credentials
2014-08-15 11:15:00
cert
cert
Cobham Sailor satellite terminals contain hardcoded credentials
2014-08-07 00:00:00
nvd
nvd
CVE-2014-2940
2014-08-15 11:15:42
cvelist
cvelist
CVE-2014-2940
2014-08-15 10:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.002

Percentile

60.4%

JSON
Related for CVE-2014-2940
prion1cert1nvd1cvelist1