PT-2017-8687 · Sierra Wireless · Sierra Wireless Gx 440

Publicado

2017-04-10

Atualizado

2017-04-14

CVE-2016-5070

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Sierra Wireless GX 440 version 4.3.2

Description The issue concerns the storage of passwords in cleartext. This means that passwords are not properly encrypted, potentially allowing unauthorized access to sensitive information.

Recommendations For version 4.3.2, consider updating to a newer version that properly encrypts passwords, if available. As a temporary workaround, restrict access to the device and its configuration to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-255

Identificadores relacionados

CVE-2016-5070

Produtos afetados

Sierra Wireless Gx 440

PT-2017-8687 · Sierra Wireless · Sierra Wireless Gx 440

CVE-2016-5070

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3