ID CVE-2014-2943 Type cve Reporter NVD Modified 2014-09-23T01:45:14
Description
REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-2886, CVE-2014-2942. Reason: this ID was intended for one issue, but was assigned to two issues by a CNA. Notes: All CVE users should consult CVE-2014-2886 and CVE-2014-2942 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage.
{"modified": "2014-09-23T01:45:14", "id": "CVE-2014-2943", "title": "CVE-2014-2943", "objectVersion": "1.2", "cvss": {"score": 0.0, "vector": "NONE"}, "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2943", "cvelist": ["CVE-2014-2943"], "references": [], "bulletinFamily": "NVD", "lastseen": "2016-09-03T20:20:42", "edition": 1, "published": "2014-08-15T07:15:43", "viewCount": 0, "type": "cve", "cpe": [], "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-2886, CVE-2014-2942. Reason: this ID was intended for one issue, but was assigned to two issues by a CNA. Notes: All CVE users should consult CVE-2014-2886 and CVE-2014-2942 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage.", "hash": "dd6e8a359168ecebd54823e4f747e6da42f384674b277eab11fcb6f0af9247d0", "reporter": "NVD", "scanner": [], "assessment": {"system": "", "name": "", "href": ""}, "enchantments": {"vulnersScore": 9.0}}
{"result": {"cert": [{"id": "VU:882207", "type": "cert", "title": "Cobham Aviator satellite terminals contain multiple vulnerabilities", "description": "### Overview\n\nCobham Aviator 700D and 700E satellite terminals contain multiple vulnerabilities.\n\n### Description\n\nCobham Aviator 700D and 700E satellite communication terminals contain the following vulnerabilities: \n\n[**CWE-327**](<http://cwe.mitre.org/data/definitions/327.html>): **Use of a Broken or Risky Cryptographic Algorithm** \\- CVE-2014-2942 _(Please note that the CVE for this vulnerability has been changed from CVE-2014-2943 to CVE-2014-2942 due to a duplicate CVE identifier.)_ \nIOActive reports that Cobham satellite terminals utilize a risky algorithm to generate a PIN code for accessing the terminal. The algorithm is reversible and allows a local attacker to generate a superuser PIN code. \n \n[**CWE-798**](<http://cwe.mitre.org/data/definitions/798.html>): **Use of Hard-coded Credentials** \\- CVE-2014-2964 \nIOActive reports that certain privileged commands in the satellite terminals require a password to execute. The commands `debug`, `prod`, `do160`, and `flrp` have hardcoded passwords. A local attacker may be able to gain unauthorized privileges using these commands. \n \nThe vendor Cobham has provided the following statement: \n_Cobham SATCOM has found that potential exploitation of the vulnerabilities presented requires either physical access to the equipment or connectivity to the maintenance part of the network, which also requires a physical presence at the terminal. Specifically, in the aeronautical world, there are very strict requirements for equipment installation and physical access to the equipment is restricted to authorized personnel. _ \n \n_The described hardcoded credentials are only accessible via the maintenance port connector on the front-plate and will require direct access to the equipment via a serial port. 
The SDU is installed in the avionics bay of the aircraft, and is not accessible for unauthorized personnel. _ \n \n_Cobham SATCOM will continue to evaluate any potential vulnerabilities with its equipment and implement increased security measures if required._ \n \n--- \n \n### Impact\n\nA local unauthenticated attacker may be able to gain full control of the satellite terminal. \n \n--- \n \n### Solution\n\nThe CERT/CC is currently unaware of a practical solution to this problem. \n \n--- \n \n### Vendor Information \n\nVendor| Status| Date Notified| Date Updated \n---|---|---|--- \nCobham plc| | 14 Jan 2014| 28 Jul 2014 \nIf you are a vendor and your product is affected, [let us know](<mailto:cert@cert.org?Subject=VU%23882207 Vendor Status Inquiry>).\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | 6.9 | AV:L/AC:M/Au:N/C:C/I:C/A:C \nTemporal | 6.2 | E:POC/RL:U/RC:C \nEnvironmental | 2.0 | CDP:H/TD:L/CR:ND/IR:ND/AR:ND \n \n### References\n\n * <http://www.cobham.com/about-cobham/aerospace-and-security/about-us/satcom/product-range/aeronautical.aspx>\n * <http://cwe.mitre.org/data/definitions/327.html>\n * <http://cwe.mitre.org/data/definitions/798.html>\n\n### Credit\n\nThanks to Ruben Santamarta for reporting this vulnerability.\n\nThis document was written by Chris King.\n\n### Other Information\n\n * CVE IDs: [CVE-2014-2942](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2942>) [CVE-2014-2964](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2964>)\n * Date Public: 07 Aug 2014\n * Date First Published: 07 Aug 2014\n * Date Last Updated: 18 Sep 2014\n * Document Revision: 18\n\n", "published": "2014-08-07T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.kb.cert.org/vuls/id/882207", "cvelist": ["CVE-2014-2943", "CVE-2014-2942", "CVE-2014-2942", "CVE-2014-2942", "CVE-2014-2942", "CVE-2014-2964", "CVE-2014-2964", "CVE-2014-2964"], "lastseen": 
"2016-02-03T09:13:28"}]}}