Vulnerabilities > CVE-2018-12338 - Unspecified vulnerability in Ecos System Management Appliance 5.2.68

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

ecos

critical

NVD

Published: 2018-06-17

Updated: 2019-10-03

Summary

Undocumented Factory Backdoor in ECOS System Management Appliance (aka SMA) 5.2.68 allows the vendor to extract confidential information and manipulate security relevant configurations via remote root SSH access.

Vulnerable Configurations

Part	Description	Count
Application	Ecos Ecos System Management Appliance 5.2.68	1

References

https://telematik.prakinf.tu-ilmenau.de/ecos-sbs/advisory.html