CVE-2015-7906 - OpenCVE

LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices allow remote attackers to read a password-hash backup file via unspecified vectors.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Loytec	Linx-100 L-switch And L-ip Firmware Lip-me201 Lvis-3e100 Lip-3ectb

Configuration 1 [-]

AND

cpe:2.3:o:loytec:l-switch_and_l-ip_firmware:6.0.1:*:*:*:*:*:*:*

OR	cpe:2.3:h:loytec:linx-100:-:::::::*
	cpe:2.3:h:loytec:lip-3ectb:-:::::::*
	cpe:2.3:h:loytec:lip-me201:-:::::::*
	cpe:2.3:h:loytec:lvis-3e100:-:::::::*

References

Link	Resource
https://ics-cert.us-cert.gov/advisories/ICSA-15-342-02	Third Party Advisory US Government Resource

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2015-12-21T11:00:00

Updated: 2015-12-21T08:57:01

Reserved: 2015-10-22T00:00:00

Link: CVE-2015-7906

JSON object: View

NVD Information

Status : Analyzed

Published: 2015-12-21T11:59:08.143

Modified: 2015-12-21T18:27:35.890

Link: CVE-2015-7906

JSON object: View

Redhat Information

No data.

CWE

CWE-255

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:loytec:l-switch_and_l-ip_firmware:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F0795BA-5E7D-45BB-82FE-13F3368C097E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:loytec:linx-100:-:*:*:*:*:*:*:*", "matchCriteriaId": "29BBF054-6B05-4F0C-8B17-FD148582B422", "vulnerable": false}, {"criteria": "cpe:2.3:h:loytec:lip-3ectb:-:*:*:*:*:*:*:*", "matchCriteriaId": "F63CC388-013C-478C-B21A-8BBB305005D6", "vulnerable": false}, {"criteria": "cpe:2.3:h:loytec:lip-me201:-:*:*:*:*:*:*:*", "matchCriteriaId": "842CB271-8A4A-4E29-B9CA-3B400005C947", "vulnerable": false}, {"criteria": "cpe:2.3:h:loytec:lvis-3e100:-:*:*:*:*:*:*:*", "matchCriteriaId": "873EF68F-6A26-4796-8221-C57ADC29BA41", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices allow remote attackers to read a password-hash backup file via unspecified vectors."}, {"lang": "es", "value": "Dispositivos LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100 y LIP-ME201 permiten a atacantes remotos leer una contrase\u00f1a-hash de un archivo de copia de seguridad a trav\u00e9s de vectores no especificados."}], "id": "CVE-2015-7906", "lastModified": "2015-12-21T18:27:35.890", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-12-21T11:59:08.143", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-342-02"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-255"}], "source": "nvd@nist.gov", "type": "Primary"}]}