CVE-2019-9532

Published: Oct 10, 2019Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext. This could allow an unauthenticated, local attacker to intercept the password and gain access to the portal.

Affected (1)

Products: Cobham: Explorer 710 Firmware

Cobham

1 product

Explorer 710 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cobham Explorer 710 Firmware	Version 1.07

Running on/with	Platform Versions
Cobham Explorer 710	All versions

Related CWEs

CWE-319

Cleartext Transmission of Sensitive Information

The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

References (2)

https://kb.cert.org/vuls/id/719689/

Source: cret@cert.org

Third Party AdvisoryUS Government Resource

https://kb.cert.org/vuls/id/719689/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.