Vulnerabilities > CVE-2013-4734 - Predictable Password Generation vulnerability in Multiple Vendors Multiple EAS Devices

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
digital-alert-systems
monroe-electronics
NVD
Published: 2013-06-30
Updated: 2013-07-01

Summary

dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier for attackers to obtain non-administrative access via unspecified vectors.

Vulnerable Configurations

Part Description Count
Hardware
Digital_Alert_Systems
2
Hardware
Monroe_Electronics
2

References