Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2019-19967
HistoryDec 25, 2019 - 10:15 p.m.

CVE-2019-19967

2019-12-2522:15:11
CWE-319
mitre
web.nvd.nist.gov
30
cve-2019-19967
administration page
connect box
eurodocsis 3.0
voice gateway
security vulnerability

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.5

Confidence

High

EPSS

0.006

Percentile

78.7%

JSON

The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH devices accepts a cleartext password in a POST request on port 80, as demonstrated by the Password field to the xml/setter.xml URI.

Affected configurations

Nvd
Node
upcconnect_box_eurodocsis_firmwareMatchch7465lg-ncip-6.12.18.25-2p6-nosh
AND
upcconnect_box_eurodocsisMatch3.0
VendorProductVersionCPE
upcconnect_box_eurodocsis_firmwarech7465lg-ncip-6.12.18.25-2p6-noshcpe:2.3:o:upc:connect_box_eurodocsis_firmware:ch7465lg-ncip-6.12.18.25-2p6-nosh:*:*:*:*:*:*:*
upcconnect_box_eurodocsis3.0cpe:2.3:h:upc:connect_box_eurodocsis:3.0:*:*:*:*:*:*:*

Related

prion 1
cvelist 1
nvd 1
prion
prion
Default credentials
2019-12-25 22:15:00
cvelist
cvelist
CVE-2019-19967
2019-12-25 21:20:06
nvd
nvd
CVE-2019-19967
2019-12-25 22:15:11

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

7.5

Confidence

High

EPSS

0.006

Percentile

78.7%

JSON
Related for CVE-2019-19967
prion1cvelist1nvd1