Lucene search

BaicellsCVELIST:CVE-2023-6198

HistoryJun 25, 2024 - 1:34 a.m.

CVE-2023-6198 Hard Coded Credential

2024-06-2501:34:56

CWE-798

Baicells

www.cve.org

baicells snap router

ep3011

hard-coded credentials

unauthorized access

9.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L

0.0004 Low

EPSS

Percentile

9.1%

JSON

Use of Hard-coded Credentials vulnerability in Baicells Snap Router BaiCE_BMI on EP3011 (User Passwords modules) allows unauthorized access to the device.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "User Passwords"
    ],
    "packageName": "BaiCE_BMI",
    "platforms": [
      "EP3011"
    ],
    "product": "Snap Router",
    "vendor": "Baicells",
    "versions": [
      {
        "lessThanOrEqual": "BaiCE_BMI_1.3.5.10_NAC",
        "status": "affected",
        "version": "1.3.5.6",
        "versionType": "custom"
      }
    ]
  }
]

References

www.baicells.com

9.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVELIST:CVE-2023-6198