CVE-2013-4712
Published Oct 19, 2013
Last updated 11 years ago
Overview
- Description
- I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
- Source
- vultures@jpcert.or.jp
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-399
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl2-a\\/e:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B566CB0B-2289-4D8E-BE3A-A66B70311659"
},
{
"criteria": "cpe:2.3:h:iodata:hdl2-ah:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B48C07B-E168-4982-933F-6719F97AFB7E"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl2-a_firmware:1.07:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B37DC41-32F2-4713-B2A2-95DE9F532616"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:iodata:hdl-a\\/e:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D0B0604-AA75-4F33-AB2E-7206B748910D"
},
{
"criteria": "cpe:2.3:h:iodata:hdl-ah:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2F66C74-4293-40AB-A1C4-CFEEDA915335"
},
{
"criteria": "cpe:2.3:h:iodata:hdl-as:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C373245A-8EFF-42F1-9114-7F9282117F3A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:iodata:hdl-a_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D5BF66A-45B1-4BE3-80AB-AA07EB5AB01C",
"versionEndIncluding": "1.07"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]