CVE-2011-4859

{"id": "CVE-2011-4859", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-12-17T11:55:11.917", "references": [{"url": "http://reversemode.com/index.php?option=com_content&task=view&id=80&Itemid=1", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/47723", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/51605", "source": "cve@mitre.org"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-346-01.pdf", "source": "cve@mitre.org"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf", "source": "cve@mitre.org"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-018-01.pdf", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72587", "source": "cve@mitre.org"}, {"url": "http://reversemode.com/index.php?option=com_content&task=view&id=80&Itemid=1", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/47723", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/51605", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-346-01.pdf", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-018-01.pdf", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72587", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M340 BMXNOE01* and BMXP3420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or (c) FTP port."}, {"lang": "es", "value": "El m\u00f3dulo Schneider Electric Quantum Ethernet, tal como se utiliza en los m\u00f3dulos Quantum 140NOE771* y 140CPU65*, los m\u00f3dulos Premium TSXETY* y TSXP57*, los m\u00f3dulos M340 BMXNOE01* y BMXP3420*, y los m\u00f3dulos STB DIO STBNIC2212 y STBNIP2*, utiliza contrase\u00f1as est\u00e1ticas para las cuentas (1) AUTCSE, (2) AUT_CSE, (3) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (13) target, (14) test, (15) USER, y (16) webserver, lo que facilita a atacantes remotos obtener acceso a trav\u00e9s de (a) TELNET, (b) Windriver Debug, o (c) el puerto FTP."}], "lastModified": "2024-11-21T01:33:08.170", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:schneider-electric:quantum_ethernet_module_140cpu65150:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F46FD25F-6A66-4A01-94B6-B2C7B4A1161F", "versionEndIncluding": "3.5"}, {"criteria": "cpe:2.3:a:schneider-electric:quantum_ethernet_module_140cpu65160:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4B260E8-8CAB-43D6-B7EB-1A47085B3301", "versionEndIncluding": "3.5"}, {"criteria": "cpe:2.3:a:schneider-electric:quantum_ethernet_module_140cpu65260:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7407DDC-F4BC-48FB-9B0B-4BED21B82FAE", "versionEndIncluding": "3.5"}, {"criteria": "cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77100:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E2B9B12-772E-45B0-B696-9487C5EC9669", "versionEndIncluding": "3.3"}, {"criteria": "cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77100:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84E9206F-0AED-4C42-849E-F8741C070234", "versionEndIncluding": "3.4"}, {"criteria": "cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77101:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6272D36-A9E3-4210-8998-19D65323E085", "versionEndIncluding": "4.9"}, {"criteria": "cpe:2.3:a:schneider-electric:quantum_ethernet_module_140noe77111:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0780C449-C9A7-4D83-9090-C48EB308F69F", "versionEndIncluding": "5.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxety4103:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D5CFADB-BD77-45B2-83F6-791ECB6DCEC1", "versionEndIncluding": "5.0"}, {"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxety5103:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD0DA2C8-81BE-4006-B6A2-DE2B20F85771", "versionEndIncluding": "5.0"}, {"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp57163m:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1F32575-37AC-4F55-904F-68AED57F8B63", "versionEndIncluding": "4.9"}, {"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp572634m:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B88C30B-8748-42AA-8765-2EC8ADAD4B54", "versionEndIncluding": "4.9"}, {"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp573634m:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "985B9868-9D59-4902-B825-387BF1F8A8A6", "versionEndIncluding": "4.9"}, {"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp574634m:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DD89F76-4EB6-41D2-8646-602C13166C35", "versionEndIncluding": "3.5"}, {"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp575634m:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9CCBD5A-7E9F-4204-95CB-C1C00B3B4BFF", "versionEndIncluding": "3.5"}, {"criteria": "cpe:2.3:a:schneider-electric:premium_ethernet_module_tsxp576634m:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EDB245F-2BAF-4EA1-B6EC-E9F54C8AB4AD", "versionEndIncluding": "3.5"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:schneider-electric:m340_ethernet_module_bmxnoe0100:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C1A71AC-5951-40E0-900F-E3E29AD0C791", "versionEndIncluding": "2.3"}, {"criteria": "cpe:2.3:a:schneider-electric:m340_ethernet_module_bmxnoe0110:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7D8CC15-CFC3-4BFF-9BC0-4059FD7DCDE6", "versionEndIncluding": "4.65"}, {"criteria": "cpe:2.3:a:schneider-electric:m340_ethernet_module_bmxp342020:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76A49B2B-1353-46BF-8A03-2CD5701A1465", "versionEndIncluding": "2.2"}, {"criteria": "cpe:2.3:a:schneider-electric:m340_ethernet_module_bmxp342030:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "130C136E-5762-4C25-8F66-85CC323FB04F", "versionEndIncluding": "2.2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:schneider-electric:stb_dio_ethernet_module_stbnic2212:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4EC1C87-FF50-4442-B096-6EBB70A679A9", "versionEndIncluding": "2.10"}, {"criteria": "cpe:2.3:a:schneider-electric:stb_dio_ethernet_module_stbnip2212:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76A596AB-117A-471A-8DE2-F0271370EAE5", "versionEndIncluding": "2.73"}, {"criteria": "cpe:2.3:a:schneider-electric:stb_dio_ethernet_module_stbnip2311:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FDE9605-55A2-4B8C-B1F3-880E98328C55", "versionEndIncluding": "3.01"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}