Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-4463
HistoryDec 30, 2009 - 8:00 p.m.

CVE-2009-4463

2009-12-3020:00:01
CWE-255
[email protected]
web.nvd.nist.gov
1

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.3 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

84.9%

JSON

Intellicom NetBiter WebSCADA devices use default passwords for the HICP network configuration service, which makes it easier for remote attackers to modify network settings and cause a denial of service. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product’s installation documentation. NOTE: this issue was originally reported to be hard-coded passwords, not default passwords.

Affected configurations

NVD
Node
intellicomnetbiter_webscada_firmwareMatch3.11.0
OR
intellicomnetbiter_webscada_firmwareMatch3.11.1
OR
intellicomnetbiter_webscada_firmwareMatch3.11.2
OR
intellicomnetbiter_webscada_firmwareMatch3.12.4
OR
intellicomnetbiter_webscada_firmwareMatch3.12.6
OR
intellicomnetbiter_webscada_firmwareMatch3.13.0beta
OR
intellicomnetbiter_webscada_firmwareMatch3.13.1
OR
intellicomnetbiter_webscada_firmwareMatch3.13.2
OR
intellicomnetbiter_webscada_firmwareMatch3.20.0
OR
intellicomnetbiter_webscada_firmwareMatch3.30.0
OR
intellicomnetbiter_webscada_firmwareMatch3.30.1
OR
intellicomnetbiter_webscada_firmwareMatch3.30.2b184
AND
intellicomnetbiter_webscada_ws100
OR
intellicomnetbiter_webscada_ws200

Related

cve 5
prion 5
cert 1
cvelist 5
nvd 4
cve
cve
CVE-2009-4463
2009-12-30 20:00:01
CVE-2010-4730
2022-10-03 16:21:06
CVE-2010-4733
2022-10-03 16:21:04
prion
prion
Hardcoded credentials
2009-12-30 20:00:00
Default credentials
2011-02-15 01:00:00
Design/Logic Flaw
2011-02-15 01:00:00
cert
cert
IntelliCom NetBiter devices have default HICP passwords
2010-04-06 00:00:00
cvelist
cvelist
CVE-2009-4463
2009-12-30 19:00:00
CVE-2010-4731
2022-10-03 16:21:05
CVE-2010-4733
2022-10-03 16:21:04
nvd
nvd
CVE-2010-4732
2011-02-15 01:00:01
CVE-2010-4731
2011-02-15 01:00:01
CVE-2010-4730
2011-02-15 01:00:01

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.3 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

84.9%

JSON
Related for NVD:CVE-2009-4463
cve5prion5cert1cvelist5nvd4