var-201512-0023
Vulnerability from variot
Adcon Telemetry A840 Telemetry Gateway Base Station has hardcoded credentials, which allows remote attackers to obtain administrative access via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. http://cwe.mitre.org/data/definitions/798.htmlA third party may gain administrative access. The Adcon Telemetry A840 Telemetry Gateway is the A840 series of gateway products from Adcon Telemetry, Germany. Multiple information-disclosure vulnerabilities 3. An authentication-bypass vulnerability Attackers can exploit these issues to gain unauthorized access to affected device, obtain sensitive information, or bypass authentication mechanism and perform unauthorized actions. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201512-0023",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "a840 telemetry gateway base station",
"scope": "eq",
"trust": 1.0,
"vendor": "adcon",
"version": "*"
},
{
"model": "a840 telemetry gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "adcon telemetry",
"version": null
},
{
"model": "telemetry a840 telemetry gateway icsa-15-349-01",
"scope": null,
"trust": 0.6,
"vendor": "adcon",
"version": null
},
{
"model": "a840 telemetry gateway base station",
"scope": null,
"trust": 0.6,
"vendor": "adcon",
"version": null
},
{
"model": "telemetry a850 telemetry gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "adcon",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08416"
},
{
"db": "BID",
"id": "79345"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006522"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-503"
},
{
"db": "NVD",
"id": "CVE-2015-7930"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:adcon:a840_telemetry_gateway_base_station_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006522"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Aditya K. Sood",
"sources": [
{
"db": "BID",
"id": "79345"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-503"
}
],
"trust": 0.9
},
"cve": "CVE-2015-7930",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-7930",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-08416",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-85891",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2015-7930",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7930",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2015-7930",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2015-08416",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-503",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-85891",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-7930",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08416"
},
{
"db": "VULHUB",
"id": "VHN-85891"
},
{
"db": "VULMON",
"id": "CVE-2015-7930"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006522"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-503"
},
{
"db": "NVD",
"id": "CVE-2015-7930"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adcon Telemetry A840 Telemetry Gateway Base Station has hardcoded credentials, which allows remote attackers to obtain administrative access via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-798: Use of Hard-coded Credentials ( Using hard-coded credentials ) Has been identified. http://cwe.mitre.org/data/definitions/798.htmlA third party may gain administrative access. The Adcon Telemetry A840 Telemetry Gateway is the A840 series of gateway products from Adcon Telemetry, Germany. Multiple information-disclosure vulnerabilities\n3. An authentication-bypass vulnerability\nAttackers can exploit these issues to gain unauthorized access to affected device, obtain sensitive information, or bypass authentication mechanism and perform unauthorized actions. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7930"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006522"
},
{
"db": "CNVD",
"id": "CNVD-2015-08416"
},
{
"db": "BID",
"id": "79345"
},
{
"db": "VULHUB",
"id": "VHN-85891"
},
{
"db": "VULMON",
"id": "CVE-2015-7930"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7930",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-15-349-01",
"trust": 2.9
},
{
"db": "BID",
"id": "79345",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006522",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201512-503",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-08416",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-85891",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-7930",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08416"
},
{
"db": "VULHUB",
"id": "VHN-85891"
},
{
"db": "VULMON",
"id": "CVE-2015-7930"
},
{
"db": "BID",
"id": "79345"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006522"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-503"
},
{
"db": "NVD",
"id": "CVE-2015-7930"
}
]
},
"id": "VAR-201512-0023",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08416"
},
{
"db": "VULHUB",
"id": "VHN-85891"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08416"
}
]
},
"last_update_date": "2024-11-23T21:43:35.051000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Base Stations",
"trust": 0.8,
"url": "http://www.adcon.at/index.php?option=com_hikashop\u0026view=product\u0026layout=listing\u0026Itemid=219\u0026lang=en"
},
{
"title": "Adcon Telemetry A840 Telemetry Gateway Hardcoded Certificate Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/68812"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08416"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006522"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006522"
},
{
"db": "NVD",
"id": "CVE-2015-7930"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-349-01"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/79345"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7930"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7930"
},
{
"trust": 0.3,
"url": "http://www.adcon.at/index.php?option=com_content\u0026view=article\u0026id=75:a850-telemetry-gateway\u0026catid=8\u0026itemid=196\u0026lang=en"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08416"
},
{
"db": "VULHUB",
"id": "VHN-85891"
},
{
"db": "VULMON",
"id": "CVE-2015-7930"
},
{
"db": "BID",
"id": "79345"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006522"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-503"
},
{
"db": "NVD",
"id": "CVE-2015-7930"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-08416"
},
{
"db": "VULHUB",
"id": "VHN-85891"
},
{
"db": "VULMON",
"id": "CVE-2015-7930"
},
{
"db": "BID",
"id": "79345"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006522"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-503"
},
{
"db": "NVD",
"id": "CVE-2015-7930"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-08416"
},
{
"date": "2015-12-24T00:00:00",
"db": "VULHUB",
"id": "VHN-85891"
},
{
"date": "2015-12-24T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7930"
},
{
"date": "2015-12-15T00:00:00",
"db": "BID",
"id": "79345"
},
{
"date": "2015-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006522"
},
{
"date": "2015-12-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-503"
},
{
"date": "2015-12-24T01:59:00.113000",
"db": "NVD",
"id": "CVE-2015-7930"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-08416"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-85891"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7930"
},
{
"date": "2015-12-15T00:00:00",
"db": "BID",
"id": "79345"
},
{
"date": "2015-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006522"
},
{
"date": "2015-12-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-503"
},
{
"date": "2024-11-21T02:37:41.190000",
"db": "NVD",
"id": "CVE-2015-7930"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-503"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adcon Telemetry A840 Telemetry Gateway Vulnerability to gain management access on base station",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006522"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-503"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…