CVE-2015-0924

{"id": "CVE-2015-0924", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:N", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-01-17T11:59:06.127", "references": [{"url": "http://www.kb.cert.org/vuls/id/936356", "tags": ["Third Party Advisory", "US Government Resource"], "source": "cret@cert.org"}, {"url": "http://www.kb.cert.org/vuls/id/936356", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-255"}]}], "descriptions": [{"lang": "en", "value": "Ceragon FibeAir IP-10 bridges have a default password for the root account, which makes it easier for remote attackers to obtain access via a (1) HTTP, (2) SSH, (3) TELNET, or (4) CLI session."}, {"lang": "es", "value": "Los puentes FibeAir IP-10 de Ceragon, presentan una contrase\u00f1a por defecto para la cuenta root, que hace m\u00e1s f\u00e1cil para los atacantes remotos obtener el acceso por medio de una sesi\u00f3n (1) HTTP, (2) SSH, (3) TELNET, o (4) CLI."}], "lastModified": "2024-11-21T02:24:00.477", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ceragon:fiberair_ip-10c:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05F4F3E5-3477-4574-9B3A-2159F635A216"}, {"criteria": "cpe:2.3:h:ceragon:fiberair_ip-10e:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2672F10-4932-48DE-812F-280916A94686"}, {"criteria": "cpe:2.3:h:ceragon:fiberair_ip-10g:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE03D0D3-AD96-4B34-81AE-DA2533B48382"}], "operator": "OR"}]}], "sourceIdentifier": "cret@cert.org"}