Lucene search

[email protected]NVD:CVE-2008-5382

HistoryDec 09, 2008 - 12:30 a.m.

CVE-2008-5382

2008-12-0900:30:00

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

0.002

Percentile

59.6%

JSON

Cross-site request forgery (CSRF) vulnerability in I-O DATA DEVICE HDL-F160, HDL-F250, HDL-F300, and HDL-F320 firmware before 1.02 allows remote attackers to (1) change a configuration or (2) delete files as an authenticated user via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

Nvd

Node

i-o_datahlf-f160

i-o_datahlf-f250

i-o_datahlf-f300

i-o_datahlf-f320

VendorProductVersionCPE
i-o_datahlf-f160*cpe:2.3:h:i-o_data:hlf-f160:*:*:*:*:*:*:*:*
i-o_datahlf-f250*cpe:2.3:h:i-o_data:hlf-f250:*:*:*:*:*:*:*:*
i-o_datahlf-f300*cpe:2.3:h:i-o_data:hlf-f300:*:*:*:*:*:*:*:*
i-o_datahlf-f320*cpe:2.3:h:i-o_data:hlf-f320:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
i-o_data	hlf-f160	*	cpe:2.3:h:i-o_data:hlf-f160::::::::
i-o_data	hlf-f250	*	cpe:2.3:h:i-o_data:hlf-f250::::::::
i-o_data	hlf-f300	*	cpe:2.3:h:i-o_data:hlf-f300::::::::
i-o_data	hlf-f320	*	cpe:2.3:h:i-o_data:hlf-f320::::::::

References

jvn.jp/en/jp/JVN70599814/index.html

osvdb.org/50183

secunia.com/advisories/32836

www.iodata.jp/news/2008/important/hdl-f.htm

exchange.xforce.ibmcloud.com/vulnerabilities/46880

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

0.002

Percentile

59.6%

JSON

Related for NVD:CVE-2008-5382

jvn1 cve1 cvelist1 prion1