Overview
- Description
- The Priva TopControl Suite contains predictable credentials for the SSH service, based on the Serial number. Which makes it possible for an attacker to calculate the login credentials for the Priva TopControll suite.
- Source
- csirt@divd.nl
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:priva:top_control_suite:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "32C20BD5-643F-436B-AE1A-0FBDC39910B2",
"versionEndIncluding": "8.7.8.0"
}
],
"operator": "OR"
}
]
}
]