CVE-2023-40463

CVSS V2 None CVSS V3 None

Description

When configured in debugging mode by an authenticated user with administrative privileges, ALEOS 4.16 and earlier store the SHA512 hash of the common root password for that version in a directory accessible to a user with root privileges or equivalent access.

Overview

CVE ID
CVE-2023-40463

Assigner
SWI

Vulnerability Status
PUBLISHED

Published Version
2023-12-04T22:57:41.197Z

Last Modified Date
2023-12-04T22:57:41.197Z

Weakness Enumerations

CWE	URL
CWE-798	http://cwe.mitre.org/data/definitions/798.html

References

Reference URL	Reference Tags
https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2023-006/#sthash.6KUVtE6w.dpbs

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-40463
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40463

History

Created	Old Value	New Value	Data Type	Notes
2024-06-25 02:09:05				Added to TrackCVE