CVE-2015-0932
Published Apr 5, 2015
Last updated 10 years ago
Overview
- Description
- The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote attackers to read or write to arbitrary files via TCP traffic on port 873.
- Source
- cret@cert.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-264
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:antlabs:inngate_ig_3.00_e:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C98B2BC1-7343-4B40-B881-FBD115788003"
},
{
"criteria": "cpe:2.3:h:antlabs:inngate_ig_3.01_e:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D887F08E-E312-453E-BFC5-D1E2AEC38415"
},
{
"criteria": "cpe:2.3:h:antlabs:inngate_ig_3.02_e:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C30EB6A8-7469-4734-BFC2-4A44BAABA38A"
},
{
"criteria": "cpe:2.3:h:antlabs:inngate_ig_3.10_e:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25195541-04D9-4593-A572-C1F874479594"
},
{
"criteria": "cpe:2.3:h:antlabs:inngate_ig_3.10_g:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C957E44-295A-4415-ABA5-756162885BC1"
},
{
"criteria": "cpe:2.3:h:antlabs:inngate_ig_3100:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3860A74-8424-4CE4-B2CE-1FDDC59C0CF4"
},
{
"criteria": "cpe:2.3:h:antlabs:inngate_ig_3101:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2449B53D-8ECF-4791-871F-9555025FFCD1"
}
],
"operator": "OR"
}
]
}
]