CVE-2020-28331

{"id": "CVE-2020-28331", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2020-11-24T18:15:12.127", "references": [{"url": "http://packetstormsecurity.com/files/160162/Barco-wePresent-Undocumented-SSH-Interface.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://korelogic.com/Resources/Advisories/KL-001-2020-007.txt", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W device has an SSH daemon included in the firmware image. By default, the SSH daemon is disabled and does not start at system boot. The system initialization scripts read a device configuration file variable to see if the SSH daemon should be started. The web interface does not provide a visible capability to alter this configuration file variable. However, a malicious actor can include this variable in a POST such that the SSH daemon will be started when the device boots."}, {"lang": "es", "value": "Los dispositivos Barco wePresent WiPG-1600W presentan un Control de Acceso Inapropiado. Versi\u00f3n(es) afectada(s): 2.5.1.8. El dispositivo Barco wePresent WiPG-1600W presenta un demonio SSH incluido en la imagen del firmware. Por defecto, el demonio SSH est\u00e1 desactivado y no se inicia al arrancar el sistema. Los scripts de inicializaci\u00f3n del sistema leen una variable de archivo de configuraci\u00f3n del dispositivo para visualizar si el demonio SSH debe ser iniciado. La interfaz web no proporciona una capacidad visible para alterar esta variable de archivo de configuraci\u00f3n. Sin embargo, un actor malicioso puede incluir esta variable en una POST de modo que el demonio SSH sea reiniciado cuando se inicie el dispositivo."}], "lastModified": "2022-07-12T17:42:04.277", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:barco:wepresent_wipg-1600w_firmware:2.5.1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB2D35A0-E5B5-4A4F-911F-7621CAD17BE6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:barco:wepresent_wipg-1600w:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E6EDF943-F79F-4729-A15C-BEDFDAC42EA3"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}