{"api_version":"1","generated_at":"2026-05-11T16:14:50+00:00","cve":"CVE-2019-9532","urls":{"html":"https://cve.report/CVE-2019-9532","api":"https://cve.report/api/cve/CVE-2019-9532.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-9532","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-9532"},"summary":{"title":"CVE-2019-9532","description":"The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext. This could allow an unauthenticated, local attacker to intercept the password and gain access to the portal.","state":"PUBLIC","assigner":"cert@cert.org","published_at":"2019-10-10 20:15:00","updated_at":"2019-10-17 16:31:00"},"problem_types":["CWE-319"],"metrics":[],"references":[{"url":"https://kb.cert.org/vuls/id/719689/","name":"VU#719689","refsource":"CERT-VN","tags":["Third Party Advisory","US Government Resource"],"title":"VU#719689 - Multiple vulnerabilities found in the Cobham EXPLORER 710 satcom terminal","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-9532","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9532","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"LEGACY","value":"This issue was found by Kyle O'Meara and David Belasco.","lang":""}],"nvd_cpes":[{"cve_year":"2019","cve_id":"9532","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cobham","cpe5":"explorer_710","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"9532","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"cobham","cpe5":"explorer_710","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"9532","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cobham","cpe5":"explorer_710_firmware","cpe6":"1.07","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"9532","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cobham","cpe5":"explorer_710_firmware","cpe6":"1.07","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cert@cert.org","DATE_PUBLIC":"2019-10-09T04:00:00.000Z","ID":"CVE-2019-9532","STATE":"PUBLIC","TITLE":"The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Explorer 710","version":{"version_data":[{"version_affected":"=","version_name":"1.07","version_value":"1.07"}]}}]},"vendor_name":"Cobham plc"}]}},"credit":[{"lang":"eng","value":"This issue was found by Kyle O'Meara and David Belasco."}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext. This could allow an unauthenticated, local attacker to intercept the password and gain access to the portal."}]},"generator":{"engine":"Vulnogram 0.0.8"},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-319: Cleartext Transmission of Sensitive Information"}]}]},"references":{"reference_data":[{"name":"VU#719689","refsource":"CERT-VN","url":"https://kb.cert.org/vuls/id/719689/"}]},"source":{"discovery":"UNKNOWN"}},"nvd":{"publishedDate":"2019-10-10 20:15:00","lastModifiedDate":"2019-10-17 16:31:00","problem_types":["CWE-319"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:cobham:explorer_710_firmware:1.07:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:cobham:explorer_710:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"9532","Ordinal":"147398","Title":"CVE-2019-9532","CVE":"CVE-2019-9532","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"9532","Ordinal":"1","NoteData":"The web application portal of the Cobham EXPLORER 710, firmware version 1.07, sends the login password in cleartext. This could allow an unauthenticated, local attacker to intercept the password and gain access to the portal.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"9532","Ordinal":"2","NoteData":"2019-10-10","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"9532","Ordinal":"3","NoteData":"2019-10-10","Type":"Other","Title":"Modified"}]}}}