Vulnerability CVE-2013-7180
Published: 2014-08-15

Description:
Cobham SAILOR 900 VSAT; SAILOR FleetBroadBand 150, 250, and 500; EXPLORER BGAN; and AVIATOR 200, 300, 350, and 700D devices do not properly restrict password recovery, which allows attackers to obtain administrative privileges by leveraging physical access or terminal access to spoof a reset code.

Type:

CWE-Other

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
None
None
Affected software
Cobham -> Aviator 200 
Cobham -> Aviator 300 
Cobham -> Aviator 350 
Cobham -> Aviator 700d 
Cobham -> Explorer bgan 
Cobham -> Sailor 900 vsat 
Cobham -> Sailor fleetbroadband 150 
Cobham -> Sailor fleetbroadband 250 
Cobham -> Sailor fleetbroadband 500 

 References:
http://www.kb.cert.org/vuls/id/602006
Copyright 2024, cxsecurity.com

 

Back to Top