CVE-2022-0183
Published Jan 17, 2022
Last updated 3 years ago
Overview
- Description
- Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords.
- Source
- vultures@jpcert.or.jp
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 4.6
- Impact score
- 3.6
- Exploitability score
- 0.9
- Vector string
- CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-311
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kingjim:mirupass_pw10_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9FB74D3-B6AA-415E-9864-AEC01357401F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:kingjim:mirupass_pw10:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A965B937-4E1D-40F6-947E-816BA0B48EE8"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:kingjim:mirupass_pw20_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22A8DD2F-2606-4AD5-BE79-088B3A50D30A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:kingjim:mirupass_pw20:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "00914630-3A9A-472D-8FA0-80FB046F7384"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]