PT-2012-3176 · Utc Fire & Security · Ge-Mc100-Ntp/Gps-Zb Master Clock

Temple Murphy

Published

2012-02-23

Updated

2012-02-27

CVE-2012-1288

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock device (affected versions not specified)

Description The issue concerns the use of hardcoded credentials for an administrative account in the device, making it easier for remote attackers to gain access through an HTTP session.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2012-1288

Affected Products

Ge-Mc100-Ntp/Gps-Zb Master Clock

PT-2012-3176 · Utc Fire & Security · Ge-Mc100-Ntp/Gps-Zb Master Clock

CVE-2012-1288

Weakness Enumeration

Related Identifiers

Affected Products

References · 2