Lucene search

K
cve[email protected]CVE-2014-5396
HistoryOct 03, 2022 - 4:20 p.m.

CVE-2014-5396

2022-10-0316:20:42
web.nvd.nist.gov
17
cve-2014-5396
schrack technik
microcontrol
firmware
hardcoded password
remote attackers
nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.4%

The web interface in Schrack Technik microControl with firmware before 1.7.0 (937) has a hardcoded password of not for the “user” account, which makes it easier for remote attackers to obtain access via unspecified vectors.

Affected configurations

NVD
Node
schracktechnik_microcontrol_firmwareRange1.7.0
AND
schracktechnik_microcontrolMatch-

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.4%

Related for CVE-2014-5396