10

CVE-2008-4390

EPSS 3.84%
Veröffentlicht 09.12.2008 00:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cret@cert.org
CVE-Watchlists
Login
Unerledigt
Login

The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 sends cleartext configuration data in response to a Setup Wizard remote-management command, which allows remote attackers to obtain sensitive information such as passwords by sniffing the network.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Linksys Wvc54gc Firmware Version < 1.25

Cisco ≫ Linksys Wvc54gc Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.84%	0.877

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-319 Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

http://secunia.com/advisories/33032

Broken Link

http://www.kb.cert.org/vuls/id/528993

Patch

Third Party Advisory

US Government Resource

http://www.kb.cert.org/vuls/id/MAPG-7HJKSA

Third Party Advisory

US Government Resource

http://www.linksys.com/servlet/Satellite?blobcol=urldata&blobheadername1=Content-Type&blobheadername2=Content-Disposition&blobheadervalue1=text%2Fplain&blobheadervalue2=inline%3B+filename%3DWVC54GC-V1.0_non-RoHS-v1.25_fw_ver.txt&blobkey=id&blobtable=MungoBlobs&blobwhere=1193776031728&ssbinary=true&lid=8104724130B17

Product

http://www.securityfocus.com/bid/32666

Third Party Advisory

Broken Link

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2008-4390

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-4390

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-4390

EUVD