Vulnerabilities > CVE-2022-26519 - Unspecified vulnerability in Carrier Hills Comnav Firmware 300219

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

carrier

NVD

Published: 2022-04-20

Updated: 2024-11-21

Summary

There is no limit to the number of attempts to authenticate for the local configuration pages for the Hills ComNav Version 3002-19 interface, which allows local attackers to brute-force credentials.

Vulnerable Configurations

Part	Description	Count
OS	Carrier Carrier Hills Comnav Firmware - Carrier Hills Comnav Firmware 3002-19	2
Hardware	Carrier Carrier Hills Comnav -	1

References

https://www.corporate.carrier.com/Images/CARR-PSA-Hills-ComNav-002-1121_tcm558-149392.pdf
https://www.corporate.carrier.com/Images/CARR-PSA-Hills-ComNav-002-1121_tcm558-149392.pdf