CVE-2013-4712

Published Oct 19, 2013

Last updated 11 years ago

CVSS info 6.8

Overview

Description: I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
Source: vultures@jpcert.or.jp
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:iodata:hdl2-a\\/e:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B566CB0B-2289-4D8E-BE3A-A66B70311659"
          },
          {
            "criteria": "cpe:2.3:h:iodata:hdl2-ah:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B48C07B-E168-4982-933F-6719F97AFB7E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:iodata:hdl2-a_firmware:1.07:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B37DC41-32F2-4713-B2A2-95DE9F532616"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:iodata:hdl-a\\/e:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D0B0604-AA75-4F33-AB2E-7206B748910D"
          },
          {
            "criteria": "cpe:2.3:h:iodata:hdl-ah:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2F66C74-4293-40AB-A1C4-CFEEDA915335"
          },
          {
            "criteria": "cpe:2.3:h:iodata:hdl-as:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C373245A-8EFF-42F1-9114-7F9282117F3A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:iodata:hdl-a_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D5BF66A-45B1-4BE3-80AB-AA07EB5AB01C",
            "versionEndIncluding": "1.07"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References