Morpho Itemiser 3 8.17 has hardcoded administrative credentials, which makes it easier for remote attackers to obtain access via a login request.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C
Vendors Products
Morpho
  • Itemiser 3

Configuration 1 [-]

cpe:2.3:h:morpho:itemiser_3:8.17:*:*:*:*:*:*:*
References
Link Resource
http://ics-cert.us-cert.gov/advisories/ICSA-14-205-01 US Government Resource
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2014-07-26T10:00:00

Updated: 2014-07-26T01:57:01

Reserved: 2014-03-13T00:00:00

Link: CVE-2014-2363

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2014-07-26T11:11:56.487

Modified: 2014-07-28T17:45:45.107

Link: CVE-2014-2363

JSON object: View

cve-icon Redhat Information

No data.

CWE