CVE-2014-4863
Summary
| CVE | CVE-2014-4863 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-09-05 17:55:00 UTC |
| Updated | 2014-09-08 17:11:00 UTC |
| Description | The Arris Touchstone DG950A cable modem with software 7.10.131 has an SNMP community of public, which allows remote attackers to obtain sensitive password, key, and SSID information via an SNMP request. |
Risk And Classification
Problem Types: CWE-200
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Arris | Touchstone Dg950a | - | All | All | All |
| Hardware | Arris | Touchstone Dg950a | - | All | All | All |
| Application | Arris | Touchstone Dg950a Software | 7.10.131 | All | All | All |
| Application | Arris | Touchstone Dg950a Software | 7.10.131 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Vulnerability Note VU#855836 - Arris Touchstone cable modem information leakage vulnerabiliity | CERT-VN | www.kb.cert.org | US Government Resource |
| More SNMP Information Leaks: CVE-2014-4862 and ... | Rapid7 Community | MISC | community.rapid7.com | Exploit |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.