- Description
- An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. There is no bruteforce protection (e.g., lockout) established. An attacker might be able to bruteforce the password to authenticate on the device.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:P/A:N
- nvd@nist.gov
- CWE-307
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vzug:combi-stream_mslq_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D622A17-7569-4A0A-A500-E07DF939ACEB",
"versionEndExcluding": "ethernet_r07"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:vzug:combi-stream_mslq:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "71471F55-CB54-4F42-8A94-92D0CE479028"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vzug:combi-stream_mslq_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68A4AABA-B6A5-4E1E-A848-F5AB12E7EAFF",
"versionEndExcluding": "wlan_r05"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:vzug:combi-stream_mslq:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "71471F55-CB54-4F42-8A94-92D0CE479028"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]