CVE-2019-3915
Published Apr 11, 2019
Last updated 4 years ago
Overview
- Description
- Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface.
- Source
- vulnreport@tenable.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 5.9
- Exploitability score
- 1.6
- Vector string
- CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5.4
- Impact score
- 6.4
- Exploitability score
- 5.5
- Vector string
- AV:A/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-294
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:verizon:fios_quantum_gateway_g1100_firmware:02.01.00.05:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FC5F8E3-3B4B-4305-B259-050F54FBF11F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:verizon:fios_quantum_gateway_g1100:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0E81990A-78BF-4045-ABF7-3F0C97442093"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]