CVE-2009-4197

{"id": "CVE-2009-4197", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.7, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-12-04T11:30:00.860", "references": [{"url": "http://www.exploit-db.com/exploits/10276", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/37194", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54528", "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/10276", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/37194", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54528", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support autocomplete."}, {"lang": "es", "value": "rpwizPppoe.htm en Huawei MT882 V100R002B020 ARG-T ejecutando el firmware v3.7.9.98 contiene un formulario que no deshabilita la configuraci\u00f3n de autocompletado para el par\u00e1metro \"password\", lo que facilita a un usuario local o a un atacante f\u00edsicamente pr\u00f3ximo obtener la contrase\u00f1a desde navegadores web que soporten el autocompletado."}], "lastModified": "2024-11-21T01:09:08.123", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mt882_v100t002b020_arg-t:firmware_3.7.9.98:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FE8845ED-BEA2-42C7-BC6E-7F7783055484"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:huawei:mt882_modem_firmware:3.7.9.98:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76CBDC9C-9CC2-4B7E-AA28-6160E16222C2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:mt882_modem:v100r002b020_arg-t:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "441C9425-A051-429F-A9CF-C63DC7A3C063"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}