CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
5.1%
The (1) shadow password file in na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has world readable permissions, which allows local users to view encrypted passwords; and the (2) NetAccess database file has world readable and writable permissions, which allows local users to view sensitive information and modify data.
Vendor | Product | Version | CPE |
---|---|---|---|
ip3_networks | ip3_netaccess_75 | 4.0.34_firmware | cpe:2.3:h:ip3_networks:ip3_netaccess_75:4.0.34_firmware:*:*:*:*:*:*:* |