CVE-2014-2964
Published Aug 15, 2014
Last updated 10 years ago
Overview
- Description
- Cobham Aviator 700D and 700E satellite terminals have hardcoded passwords for the (1) debug, (2) prod, (3) do160, and (4) flrp programs, which allows physically proximate attackers to gain privileges by sending a password over a serial line.
- Source
- cret@cert.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.9
- Impact score
- 10
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- <a href="http://cwe.mitre.org/data/definitions/798.html">CWE-798: Use of Hard-coded Credentials</a>
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cobham:aviator_700d:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD3FE641-E175-4CC4-90BF-955B1C0217F3"
},
{
"criteria": "cpe:2.3:h:cobham:aviator_700e:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4DF6EB81-6E66-4462-98AE-44DD641BCC90"
}
],
"operator": "OR"
}
]
}
]