Lucene search

MitreCVE-2023-33742

HistoryJul 27, 2023 - 9:15 p.m.

CVE-2023-33742

2023-07-2721:15:13

CWE-312

mitre

web.nvd.nist.gov

cve-2023-33742

teleadapt roomcast

ta-2400

cleartext storage

sensitive information

rsa private key

update.exe

nvd

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.002

Percentile

57.8%

JSON

TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Cleartext Storage of Sensitive Information: RSA private key in Update.exe.

Affected configurations

Nvd

Node

teleadaptroomcast_ta-2400Match-

AND

teleadaptroomcast_ta-2400_firmwareRange1.0–3.1

VendorProductVersionCPE
teleadaptroomcast_ta-2400_firmwarecpe:/o:teleadapt:roomcast_ta-2400_firmware::::

Vendor	Product	Version	CPE
teleadapt	roomcast_ta-2400_firmware		cpe:/o:teleadapt:roomcast_ta-2400_firmware::::

References

packetstormsecurity.com/files/173764/RoomCast-TA-2400-Cleartext-Private-Key-Improper-Access-Control.html

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.002

Percentile

57.8%

JSON

Related for CVE-2023-33742