CVE-2014-2356

Published Jul 30, 2014

Last updated 3 months ago

CVSS info 5.0

Overview

Description: Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require authentication for snapshot downloads, which allows remote attackers to obtain sensitive information via a crafted HTTPS request.
Source: ics-cert@hq.dhs.gov
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6194A58A-3409-4E4E-BF26-DB2D15BFE391",
            "versionEndIncluding": "7.5.0"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E41381DB-C17E-4F94-A9B5-57CE84982677"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:4.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EBA9D22-2A39-4A81-B3C4-21DADCC539A1"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:4.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AEA39812-F53E-4441-B95A-EBA2A14A6771"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EAF5C33A-561F-461F-9A9B-85F51ECED610"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:5.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E495E3A8-01F2-4D8F-95AB-6BCB1B5A1E0A"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:6.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A23B6E3-D4DE-46CF-9DDB-31E14D898A89"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:6.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE9C75D9-00A7-42AA-9BCF-FFE4D754F2AA"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:7.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6D6BF50-9082-422E-B85C-6343C6CFAF07"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:7.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38C28F6A-D59A-47BC-A7B9-A76EBB88AA95"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:7.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6519EE01-0C68-4AC1-8387-4893FF661B98"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:7.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7AC25566-0891-4CE3-8724-1DC27A7ADF09"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:7.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D4893FA-A9E7-4F38-A031-5EABC696C2ED"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:8.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A14A9C8-D4E3-45F4-B1F8-F9D93F48506A"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:8.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5055C2CB-9D8A-4490-90EC-C32C019E756F"
          },
          {
            "criteria": "cpe:2.3:o:innominate:mguard_firmware:8.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1080DE53-1831-4BD4-9084-5ADB6886526C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References