CVE-2016-5788
Published Nov 25, 2016
Last updated 8 years ago
Overview
- Description
- General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which makes it easier for remote attackers to obtain privileged access via unspecified vectors.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-254
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:bently_nevada_3500\\/22m_usb_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B9E09FC-DB3F-43CD-824C-B1249EB52CE8"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:bently_nevada_3500\\/22m_usb:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "09EACAB5-765A-4264-9E62-EDE09E94F373"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ge:bently_nevada_3500\\/22m_serial_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "35702EC1-86CA-41B2-B191-BFE664F4046C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ge:bently_nevada_3500\\/22m_serial:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3919D65C-99F0-4DBF-8FA1-AFADD63303B0"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]