Vulnerabilities > Bakerhughes

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-19	CVE-2023-34437	Incorrect Permission Assignment for Critical Resource vulnerability in Bakerhughes Bentley Nevada 3500 System Firmware 5.0.5 Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a vulnerability in their password retrieval functionality which could allow an attacker to access passwords stored on the device. network low complexity bakerhughes CWE-732	7.5
2023-10-19	CVE-2023-34441	Cleartext Transmission of Sensitive Information vulnerability in Bakerhughes Bentley Nevada 3500 System Firmware 5.0.5 Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a cleartext transmission vulnerability which could allow an attacker to steal the authentication secret from communication traffic to the device and reuse it for arbitrary requests. network low complexity bakerhughes CWE-319	8.2
2023-10-19	CVE-2023-36857	Authentication Bypass by Capture-replay vulnerability in Bakerhughes Bentley Nevada 3500 System Firmware 5.0.5 Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a replay vulnerability which could allow an attacker to replay older captured packets of traffic to the device to gain access. network low complexity bakerhughes CWE-294	6.5
2022-07-26	CVE-2022-29952	Missing Authentication for Critical Function vulnerability in Bakerhughes products Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. network low complexity bakerhughes CWE-306 critical	9.1
2022-07-26	CVE-2022-29953	Use of Hard-coded Credentials vulnerability in Bakerhughes products The Bently Nevada 3700 series of condition monitoring equipment through 2022-04-29 has a maintenance interface on port 4001/TCP with undocumented, hardcoded credentials. network low complexity bakerhughes CWE-798 critical	9.8
2022-05-25	CVE-2021-32997	Use of Password Hash With Insufficient Computational Effort vulnerability in Bakerhughes products The affected Baker Hughes Bentley Nevada products (3500 System 1 6.x, Part No. network low complexity bakerhughes CWE-916	7.5

Vulnerabilities > Bakerhughes {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Bakerhughes"}]}

Vulnerabilities > Bakerhughes