Vulnerability in ekorCCP and ekorRCI that could allow an attacker with access to the network where the device is located to decrypt the credentials of privileged users, and subsequently gain access to the system to perform malicious actions.
References
Link | Resource |
---|---|
https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ormazabal-products | Third Party Advisory |
Configurations
History
07 Nov 2023, 03:56
Type | Values Removed | Values Added |
---|---|---|
Summary | Vulnerability in ekorCCP and ekorRCI that could allow an attacker with access to the network where the device is located to decrypt the credentials of privileged users, and subsequently gain access to the system to perform malicious actions. |
22 Sep 2023, 15:14
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ormazabal-products - Third Party Advisory | |
First Time |
Ormazabal ekorccp Firmware
Ormazabal ekorrci Firmware Ormazabal ekorccp Ormazabal Ormazabal ekorrci |
|
CWE | CWE-916 | |
CPE | cpe:2.3:o:ormazabal:ekorccp_firmware:601j:*:*:*:*:*:*:* cpe:2.3:h:ormazabal:ekorrci:-:*:*:*:*:*:*:* cpe:2.3:h:ormazabal:ekorccp:-:*:*:*:*:*:*:* cpe:2.3:o:ormazabal:ekorrci_firmware:601j:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
19 Sep 2023, 13:23
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-19 13:16
Updated : 2024-08-03 15:15
NVD link : CVE-2022-47557
Mitre link : CVE-2022-47557
CVE.ORG link : CVE-2022-47557
JSON object : View
Products Affected
ormazabal
- ekorrci_firmware
- ekorccp
- ekorccp_firmware
- ekorrci
CWE
CWE-916
Use of Password Hash With Insufficient Computational Effort