Lucene search

[email protected]NVD:CVE-2014-2361

HistoryJul 24, 2014 - 2:55 p.m.

CVE-2014-2361

2014-07-2414:55:07

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

34.3%

JSON

OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.

Affected configurations

NVD

Node

oleumtechsensor_wireless_i\/o_moduleMatch-

oleumtechwio_dh2_wireless_gatewayMatch-

References

ics-cert.us-cert.gov/advisories/ICSA-14-202-01

www.securityfocus.com/bid/68795

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

34.3%

JSON

Related for NVD:CVE-2014-2361

cve1 cvelist1 prion1 ics1