{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-05-26T00:00:00", "descriptions": [{"lang": "en", "value": "Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ServSensor Junior with firmware before SP473, AlertWerks ServSensor Junior with PoE with firmware before SP473, and AlertWerks ServSensor Contact with firmware before SP473 allow remote authenticated users to discover administrator and user passwords via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-05-30T01:57:01", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-147-03"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2016-2311", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ServSensor Junior with firmware before SP473, AlertWerks ServSensor Junior with PoE with firmware before SP473, and AlertWerks ServSensor Contact with firmware before SP473 allow remote authenticated users to discover administrator and user passwords via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-147-03", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-147-03"}]}}}}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2016-2311", "datePublished": "2016-05-30T01:00:00", "dateReserved": "2016-02-09T00:00:00", "dateUpdated": "2016-05-30T01:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_junior_eme102a-r2:-:*:*:*:*:*:*:*", "matchCriteriaId": "F5442D3D-3A7A-4E4D-8F1A-89799F692336", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_junior_eme103a-r2:-:*:*:*:*:*:*:*", "matchCriteriaId": "7155A60A-BFD8-4A3B-99EC-1436D414062C", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_junior_eme104a-r2:-:*:*:*:*:*:*:*", "matchCriteriaId": "56A2F50F-0881-4303-B3EC-C8CC3218B49B", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:blackbox:alertwerks_servsensor_junior_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8FDAF0E2-AEE2-4BC8-B109-50FAA1D432AC", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_contact_eme111a-20-r2:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E4B819B-3D80-45C7-8D86-E56A67F096F2", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_contact_eme111a-60-r2:-:*:*:*:*:*:*:*", "matchCriteriaId": "8B6FE837-3A62-4CFD-B509-6E9D90377391", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_contact_eme112a-20-r2:-:*:*:*:*:*:*:*", "matchCriteriaId": "CB3F5137-9EBA-477F-AE8A-B5BA98BB1B33", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_contact_eme112a-60-r2:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA9A12E1-283D-43DE-AADD-EF46BD555826", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_contact_eme113a-20-r2:-:*:*:*:*:*:*:*", "matchCriteriaId": "1735CF06-3DBA-4DB5-90CB-62F482B71313", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_contact_eme113a-60-r2:-:*:*:*:*:*:*:*", "matchCriteriaId": "6E7A6D5B-57E0-4AB7-8F0D-E95E766F8589", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:blackbox:alertwerks_servsensor_contact_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C6E40C7-5BD9-4FC8-B384-376606556318", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:blackbox:_alertwerks_servsensor_eme106a:-:*:*:*:*:*:*:*", "matchCriteriaId": "407C97F8-7E50-4866-9750-779DB29426DC", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:_alertwerks_servsensor_eme108a-r2:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA0EB3D6-0676-4863-A118-BA6813B05DB0", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:_alertwerks_servsensor_eme109a-r2:-:*:*:*:*:*:*:*", "matchCriteriaId": "11DDA55C-62C7-4119-9D0B-5C63E164CEA2", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:_alertwerks_servsensor_eme110a-r2:-:*:*:*:*:*:*:*", "matchCriteriaId": "8386970B-907D-49B2-A195-26C151D82BB8", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_eme105a:-:*:*:*:*:*:*:*", "matchCriteriaId": "6708EBD9-2A87-4BD3-A32A-AF6E71D22AD9", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:blackbox:alertwerks_servsensor_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C7921B9C-C62F-4A7E-9834-3D10A62B4002", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_junior_eme152a:-:*:*:*:poe:*:*:*", "matchCriteriaId": "79AA004C-8F9F-4B72-8CB5-143CC15B254E", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_junior_eme153a:-:*:*:*:poe:*:*:*", "matchCriteriaId": "E6033DA2-0013-4306-BE2B-CF1ECE67E72F", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_junior_eme154a:-:*:*:*:poe:*:*:*", "matchCriteriaId": "CF2BE5E9-40AE-4E0D-ACDD-509ED15FE487", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_junior_eme155a:-:*:*:*:poe:*:*:*", "matchCriteriaId": "D7296F14-0552-4D2D-A390-AD852FAC2A15", "vulnerable": false}, {"criteria": "cpe:2.3:h:blackbox:alertwerks_servsensor_junior_eme158a:-:*:*:*:poe:*:*:*", "matchCriteriaId": "4C1C7C99-246C-4544-8559-21E608ED34C9", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:blackbox:alertwerks_servsensor_junior_firmware:-:*:*:*:poe:*:*:*", "matchCriteriaId": "F3B50A05-C0FA-4A18-A4FF-7FB7165852E1", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Black Box AlertWerks ServSensor with firmware before SP473, AlertWerks ServSensor Junior with firmware before SP473, AlertWerks ServSensor Junior with PoE with firmware before SP473, and AlertWerks ServSensor Contact with firmware before SP473 allow remote authenticated users to discover administrator and user passwords via unspecified vectors."}, {"lang": "es", "value": "Black Box AlertWerks ServSensor con firmware en versiones anteriores a SP473, AlertWerks ServSensor Junior con firmware en versiones anteriores a SP473, AlertWerks ServSensor Junior con PoE con firmware en versiones anteriores a SP473 y AlertWerks ServSensor Contact con firmware en versiones anteriores a SP473 permite a usuarios remotos autenticados descubrir contrase\u00f1as de administradores y usuarios a trav\u00e9s de vectores no especificados."}], "id": "CVE-2016-2311", "lastModified": "2017-04-07T19:40:29.587", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-05-30T01:59:06.003", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-147-03"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}, {"lang": "en", "value": "CWE-255"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}