Vulnerabilities > CVE-2014-0326 - Hardcoded Credentials Information Disclosure vulnerability in Iridium Pilot and OpenPort

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

iridium

critical

NVD

Published: 2014-08-17

Updated: 2014-08-28

Summary

The Pilot Below Deck Equipment (BDE) and OpenPort implementations on Iridium satellite terminals allow remote attackers to read hardcoded credentials via the web interface. <a href="http://cwe.mitre.org/data/definitions/798.html">CWE-798: Use of Hard-coded Credentials</a>

Vulnerable Configurations

Part	Description	Count
Hardware	Iridium Iridium Open Port - Iridium Pilot Below Deck Equipment -	2

References

http://www.kb.cert.org/vuls/id/578598