Lucene search

[email protected]NVD:CVE-2013-2820

HistoryJan 15, 2014 - 4:08 p.m.

CVE-2013-2820

2014-01-1516:08:18

CWE-287

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.0%

JSON

The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.

Affected configurations

NVD

Node

sierrawirelessraven_x_ev-do_firmwareMatch4221_4.0.11.003

sierrawirelessraven_x_ev-do_firmwareMatch4228_4.0.11.003

AND

sierrawirelessairlink_mp_at\&tMatch-

sierrawirelessairlink_mp_at\&t_wifiMatch-

sierrawirelessairlink_mp_bellMatch-

sierrawirelessairlink_mp_bell_wifiMatch-

sierrawirelessairlink_mp_rowMatch-

sierrawirelessairlink_mp_row_wifiMatch-

sierrawirelessairlink_mp_sprintMatch-

sierrawirelessairlink_mp_sprint_wifiMatch-

sierrawirelessairlink_mp_telusMatch-

sierrawirelessairlink_mp_telus_wifiMatch-

sierrawirelessairlink_mp_verizonMatch-

sierrawirelessairlink_mp_verizon_wifiMatch-

sierrawirelesspinpoint_xMatch-

sierrawirelesspinpoint_xtMatch-

sierrawirelessraven_xMatch-

sierrawirelessraven_x_ev-doMatch-

sierrawirelessraven_xeMatch-

sierrawirelessraven_xtMatch-

References

ics-cert.us-cert.gov/advisories/ICSA-14-007-01A

www.sierrawireless.com/resources/support/airlink/docs/raven%20security%20vulnerability%202014-01-10.pdf

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.0%

JSON

Related for NVD:CVE-2013-2820

cve1 prion1 cvelist1 ics1