var-201512-0026
Vulnerability from variot
The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to discover log-file pathnames via unspecified vectors. The Adcon Telemetry A840 Telemetry Gateway is the A840 series of gateway products from Adcon Telemetry, Germany. A hard-coded credentials security-bypass vulnerability 2. Multiple information-disclosure vulnerabilities 3. An authentication-bypass vulnerability Attackers can exploit these issues to gain unauthorized access to affected device, obtain sensitive information, or bypass authentication mechanism and perform unauthorized actions. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201512-0026",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "a840 telemetry gateway base station",
"scope": "eq",
"trust": 1.6,
"vendor": "adcon",
"version": null
},
{
"model": "a840 telemetry gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "adcon telemetry",
"version": null
},
{
"model": "telemetry a840 telemetry gateway icsa-15-349-01",
"scope": null,
"trust": 0.6,
"vendor": "adcon",
"version": null
},
{
"model": "telemetry a850 telemetry gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "adcon",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08414"
},
{
"db": "BID",
"id": "79345"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006525"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-506"
},
{
"db": "NVD",
"id": "CVE-2015-7934"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:adcon:a840_telemetry_gateway_base_station_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006525"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Aditya K. Sood",
"sources": [
{
"db": "BID",
"id": "79345"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-506"
}
],
"trust": 0.9
},
"cve": "CVE-2015-7934",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-7934",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-08414",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-85895",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2015-7934",
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-7934",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-7934",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-08414",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201512-506",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-85895",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2015-7934",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08414"
},
{
"db": "VULHUB",
"id": "VHN-85895"
},
{
"db": "VULMON",
"id": "CVE-2015-7934"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006525"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-506"
},
{
"db": "NVD",
"id": "CVE-2015-7934"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to discover log-file pathnames via unspecified vectors. The Adcon Telemetry A840 Telemetry Gateway is the A840 series of gateway products from Adcon Telemetry, Germany. A hard-coded credentials security-bypass vulnerability\n2. Multiple information-disclosure vulnerabilities\n3. An authentication-bypass vulnerability\nAttackers can exploit these issues to gain unauthorized access to affected device, obtain sensitive information, or bypass authentication mechanism and perform unauthorized actions. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-7934"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006525"
},
{
"db": "CNVD",
"id": "CNVD-2015-08414"
},
{
"db": "BID",
"id": "79345"
},
{
"db": "VULHUB",
"id": "VHN-85895"
},
{
"db": "VULMON",
"id": "CVE-2015-7934"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-7934",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-15-349-01",
"trust": 2.9
},
{
"db": "BID",
"id": "79345",
"trust": 2.7
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006525",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201512-506",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-08414",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-85895",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-7934",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08414"
},
{
"db": "VULHUB",
"id": "VHN-85895"
},
{
"db": "VULMON",
"id": "CVE-2015-7934"
},
{
"db": "BID",
"id": "79345"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006525"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-506"
},
{
"db": "NVD",
"id": "CVE-2015-7934"
}
]
},
"id": "VAR-201512-0026",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08414"
},
{
"db": "VULHUB",
"id": "VHN-85895"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08414"
}
]
},
"last_update_date": "2024-11-23T21:43:35.089000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Base Stations",
"trust": 0.8,
"url": "http://www.adcon.at/index.php?option=com_hikashop\u0026view=product\u0026layout=listing\u0026Itemid=219\u0026lang=en"
},
{
"title": "Patch for Adcon Telemetry A840 Telemetry Gateway Information Disclosure Vulnerability (CNVD-2015-08414)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/68815"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08414"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006525"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-85895"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006525"
},
{
"db": "NVD",
"id": "CVE-2015-7934"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-15-349-01"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/79345"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7934"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7934"
},
{
"trust": 0.3,
"url": "http://www.adcon.at/index.php?option=com_content\u0026view=article\u0026id=75:a850-telemetry-gateway\u0026catid=8\u0026itemid=196\u0026lang=en"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-08414"
},
{
"db": "VULHUB",
"id": "VHN-85895"
},
{
"db": "VULMON",
"id": "CVE-2015-7934"
},
{
"db": "BID",
"id": "79345"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006525"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-506"
},
{
"db": "NVD",
"id": "CVE-2015-7934"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-08414"
},
{
"db": "VULHUB",
"id": "VHN-85895"
},
{
"db": "VULMON",
"id": "CVE-2015-7934"
},
{
"db": "BID",
"id": "79345"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-006525"
},
{
"db": "CNNVD",
"id": "CNNVD-201512-506"
},
{
"db": "NVD",
"id": "CVE-2015-7934"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-08414"
},
{
"date": "2015-12-24T00:00:00",
"db": "VULHUB",
"id": "VHN-85895"
},
{
"date": "2015-12-24T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7934"
},
{
"date": "2015-12-15T00:00:00",
"db": "BID",
"id": "79345"
},
{
"date": "2015-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006525"
},
{
"date": "2015-12-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-506"
},
{
"date": "2015-12-24T01:59:03.050000",
"db": "NVD",
"id": "CVE-2015-7934"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-12-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-08414"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULHUB",
"id": "VHN-85895"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULMON",
"id": "CVE-2015-7934"
},
{
"date": "2015-12-15T00:00:00",
"db": "BID",
"id": "79345"
},
{
"date": "2015-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-006525"
},
{
"date": "2015-12-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201512-506"
},
{
"date": "2024-11-21T02:37:41.527000",
"db": "NVD",
"id": "CVE-2015-7934"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-506"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Adcon Telemetry A840 Telemetry Gateway Base station Java Vulnerability in obtaining path name of log file in client",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-006525"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201512-506"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…