Lucene search

[email protected]NVD:CVE-2020-29062

HistoryNov 24, 2020 - 9:15 p.m.

CVE-2020-29062

2020-11-2421:15:12

CWE-798

[email protected]

web.nvd.nist.gov

cdata devices

default password

guest account

security issue

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.005

Percentile

76.9%

JSON

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. There is a default blank password for the guest account.

Affected configurations

Nvd

Node

cdatatec72408a_firmwareMatch1.2.2

cdatatec72408a_firmwareMatch2.4.03_000

cdatatec72408a_firmwareMatch2.4.04_001

cdatatec72408a_firmwareMatch2.4.05_000

AND

cdatatec72408aMatch-

Node

cdatatec9008a_firmwareMatch1.2.2

cdatatec9008a_firmwareMatch2.4.03_000

cdatatec9008a_firmwareMatch2.4.04_001

cdatatec9008a_firmwareMatch2.4.05_000

AND

cdatatec9008aMatch-

Node

cdatatec9016a_firmwareMatch1.2.2

cdatatec9016a_firmwareMatch2.4.03_000

cdatatec9016a_firmwareMatch2.4.04_001

cdatatec9016a_firmwareMatch2.4.05_000

AND

cdatatec9016aMatch-

Node

cdatatec92408a_firmwareMatch1.2.2

cdatatec92408a_firmwareMatch2.4.03_000

cdatatec92408a_firmwareMatch2.4.04_001

cdatatec92408a_firmwareMatch2.4.05_000

AND

cdatatec92408aMatch-

Node

cdatatec92416a_firmwareMatch1.2.2

cdatatec92416a_firmwareMatch2.4.03_000

cdatatec92416a_firmwareMatch2.4.04_001

cdatatec92416a_firmwareMatch2.4.05_000

AND

cdatatec92416aMatch-

Node

cdatatec9288_firmwareMatch1.2.2

cdatatec9288_firmwareMatch2.4.03_000

cdatatec9288_firmwareMatch2.4.04_001

cdatatec9288_firmwareMatch2.4.05_000

AND

cdatatec9288Match-

Node

cdatatec97016_firmwareMatch1.2.2

cdatatec97016_firmwareMatch2.4.03_000

cdatatec97016_firmwareMatch2.4.04_001

cdatatec97016_firmwareMatch2.4.05_000

AND

cdatatec97016Match-

Node

cdatatec97024p_firmwareMatch1.2.2

cdatatec97024p_firmwareMatch2.4.03_000

cdatatec97024p_firmwareMatch2.4.04_001

cdatatec97024p_firmwareMatch2.4.05_000

AND

cdatatec97024pMatch-

Node

cdatatec97028p_firmwareMatch1.2.2

cdatatec97028p_firmwareMatch2.4.03_000

cdatatec97028p_firmwareMatch2.4.04_001

cdatatec97028p_firmwareMatch2.4.05_000

AND

cdatatec97028pMatch-

Node

cdatatec97042p_firmwareMatch1.2.2

cdatatec97042p_firmwareMatch2.4.03_000

cdatatec97042p_firmwareMatch2.4.04_001

cdatatec97042p_firmwareMatch2.4.05_000

AND

cdatatec97042pMatch-

Node

cdatatec97084p_firmwareMatch1.2.2

cdatatec97084p_firmwareMatch2.4.03_000

cdatatec97084p_firmwareMatch2.4.04_001

cdatatec97084p_firmwareMatch2.4.05_000

AND

cdatatec97084pMatch-

Node

cdatatec97168p_firmwareMatch1.2.2

cdatatec97168p_firmwareMatch2.4.03_000

cdatatec97168p_firmwareMatch2.4.04_001

cdatatec97168p_firmwareMatch2.4.05_000

AND

cdatatec97168pMatch-

Node

cdatatecfd1002s_firmwareMatch1.2.2

cdatatecfd1002s_firmwareMatch2.4.03_000

cdatatecfd1002s_firmwareMatch2.4.04_001

cdatatecfd1002s_firmwareMatch2.4.05_000

AND

cdatatecfd1002sMatch-

Node

cdatatecfd1104_firmwareMatch1.2.2

cdatatecfd1104_firmwareMatch2.4.03_000

cdatatecfd1104_firmwareMatch2.4.04_001

cdatatecfd1104_firmwareMatch2.4.05_000

AND

cdatatecfd1104Match-

Node

cdatatecfd1104b_firmwareMatch1.2.2

cdatatecfd1104b_firmwareMatch2.4.03_000

cdatatecfd1104b_firmwareMatch2.4.04_001

cdatatecfd1104b_firmwareMatch2.4.05_000

AND

cdatatecfd1104bMatch-

Node

cdatatecfd1104s_firmwareMatch1.2.2

cdatatecfd1104s_firmwareMatch2.4.03_000

cdatatecfd1104s_firmwareMatch2.4.04_001

cdatatecfd1104s_firmwareMatch2.4.05_000

AND

cdatatecfd1104sMatch-

Node

cdatatecfd1104sn_firmwareMatch1.2.2

cdatatecfd1104sn_firmwareMatch2.4.03_000

cdatatecfd1104sn_firmwareMatch2.4.04_001

cdatatecfd1104sn_firmwareMatch2.4.05_000

AND

cdatatecfd1104snMatch-

Node

cdatatecfd1108s_firmwareMatch1.2.2

cdatatecfd1108s_firmwareMatch2.4.03_000

cdatatecfd1108s_firmwareMatch2.4.04_001

cdatatecfd1108s_firmwareMatch2.4.05_000

AND

cdatatecfd1108sMatch-

Node

cdatatecfd1204s-r2_firmwareMatch1.2.2

cdatatecfd1204s-r2_firmwareMatch2.4.03_000

cdatatecfd1204s-r2_firmwareMatch2.4.04_001

cdatatecfd1204s-r2_firmwareMatch2.4.05_000

AND

cdatatecfd1204s-r2Match-

Node

cdatatecfd1204sn_firmwareMatch1.2.2

cdatatecfd1204sn_firmwareMatch2.4.03_000

cdatatecfd1204sn_firmwareMatch2.4.04_001

cdatatecfd1204sn_firmwareMatch2.4.05_000

AND

cdatatecfd1204snMatch-

Node

cdatatecfd1204sn-r2_firmwareMatch1.2.2

cdatatecfd1204sn-r2_firmwareMatch2.4.03_000

cdatatecfd1204sn-r2_firmwareMatch2.4.04_001

cdatatecfd1204sn-r2_firmwareMatch2.4.05_000

AND

cdatatecfd1204sn-r2Match-

Node

cdatatecfd1208s-r2_firmwareMatch1.2.2

cdatatecfd1208s-r2_firmwareMatch2.4.03_000

cdatatecfd1208s-r2_firmwareMatch2.4.04_001

cdatatecfd1208s-r2_firmwareMatch2.4.05_000

AND

cdatatecfd1208s-r2Match-

Node

cdatatecfd1216s-r1_firmwareMatch1.2.2

cdatatecfd1216s-r1_firmwareMatch2.4.03_000

cdatatecfd1216s-r1_firmwareMatch2.4.04_001

cdatatecfd1216s-r1_firmwareMatch2.4.05_000

AND

cdatatecfd1216s-r1Match-

Node

cdatatecfd1608gs_firmwareMatch1.2.2

cdatatecfd1608gs_firmwareMatch2.4.03_000

cdatatecfd1608gs_firmwareMatch2.4.04_001

cdatatecfd1608gs_firmwareMatch2.4.05_000

AND

cdatatecfd1608gsMatch-

Node

cdatatecfd1608sn_firmwareMatch1.2.2

cdatatecfd1608sn_firmwareMatch2.4.03_000

cdatatecfd1608sn_firmwareMatch2.4.04_001

cdatatecfd1608sn_firmwareMatch2.4.05_000

AND

cdatatecfd1608snMatch-

Node

cdatatecfd1616gs_firmwareMatch1.2.2

cdatatecfd1616gs_firmwareMatch2.4.03_000

cdatatecfd1616gs_firmwareMatch2.4.04_001

cdatatecfd1616gs_firmwareMatch2.4.05_000

AND

cdatatecfd1616gsMatch-

Node

cdatatecfd1616sn_firmwareMatch1.2.2

cdatatecfd1616sn_firmwareMatch2.4.03_000

cdatatecfd1616sn_firmwareMatch2.4.04_001

cdatatecfd1616sn_firmwareMatch2.4.05_000

AND

cdatatecfd1616snMatch-

Node

cdatatecfd8000_firmwareMatch1.2.2

cdatatecfd8000_firmwareMatch2.4.03_000

cdatatecfd8000_firmwareMatch2.4.04_001

cdatatecfd8000_firmwareMatch2.4.05_000

AND

cdatatecfd8000Match-

VendorProductVersionCPE
cdatatec72408a_firmware1.2.2cpe:2.3:o:cdatatec:72408a_firmware:1.2.2:*:*:*:*:*:*:*
cdatatec72408a_firmware2.4.03_000cpe:2.3:o:cdatatec:72408a_firmware:2.4.03_000:*:*:*:*:*:*:*
cdatatec72408a_firmware2.4.04_001cpe:2.3:o:cdatatec:72408a_firmware:2.4.04_001:*:*:*:*:*:*:*
cdatatec72408a_firmware2.4.05_000cpe:2.3:o:cdatatec:72408a_firmware:2.4.05_000:*:*:*:*:*:*:*
cdatatec72408a-cpe:2.3:h:cdatatec:72408a:-:*:*:*:*:*:*:*
cdatatec9008a_firmware1.2.2cpe:2.3:o:cdatatec:9008a_firmware:1.2.2:*:*:*:*:*:*:*
cdatatec9008a_firmware2.4.03_000cpe:2.3:o:cdatatec:9008a_firmware:2.4.03_000:*:*:*:*:*:*:*
cdatatec9008a_firmware2.4.04_001cpe:2.3:o:cdatatec:9008a_firmware:2.4.04_001:*:*:*:*:*:*:*
cdatatec9008a_firmware2.4.05_000cpe:2.3:o:cdatatec:9008a_firmware:2.4.05_000:*:*:*:*:*:*:*
cdatatec9008a-cpe:2.3:h:cdatatec:9008a:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cdatatec	72408a_firmware	1.2.2	cpe:2.3:o:cdatatec:72408a_firmware:1.2.2:::::::*
cdatatec	72408a_firmware	2.4.03_000	cpe:2.3:o:cdatatec:72408a_firmware:2.4.03_000:::::::*
cdatatec	72408a_firmware	2.4.04_001	cpe:2.3:o:cdatatec:72408a_firmware:2.4.04_001:::::::*
cdatatec	72408a_firmware	2.4.05_000	cpe:2.3:o:cdatatec:72408a_firmware:2.4.05_000:::::::*
cdatatec	72408a	-	cpe:2.3:h:cdatatec:72408a:-:::::::*
cdatatec	9008a_firmware	1.2.2	cpe:2.3:o:cdatatec:9008a_firmware:1.2.2:::::::*
cdatatec	9008a_firmware	2.4.03_000	cpe:2.3:o:cdatatec:9008a_firmware:2.4.03_000:::::::*
cdatatec	9008a_firmware	2.4.04_001	cpe:2.3:o:cdatatec:9008a_firmware:2.4.04_001:::::::*
cdatatec	9008a_firmware	2.4.05_000	cpe:2.3:o:cdatatec:9008a_firmware:2.4.05_000:::::::*
cdatatec	9008a	-	cpe:2.3:h:cdatatec:9008a:-:::::::*

Rows per page:

1-10 of 1401

References

pierrekim.github.io/blog/2020-07-07-cdata-olt-0day-vulnerabilities.html

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.005

Percentile

76.9%

JSON

Related for NVD:CVE-2020-29062

prion1 cve1 cvelist1