Vulnerability Details : CVE-2014-0361
The default configuration of IBM 4690 OS, as used in Toshiba Global Commerce Solutions 4690 POS and other products, hashes passwords with the ADXCRYPT algorithm, which makes it easier for context-dependent attackers to obtain sensitive information via unspecified cryptanalysis of an ADXCSOUF.DAT file.
Products affected by CVE-2014-0361
- cpe:2.3:o:toshibacommerce:4690_point_of_sale_operating_system:6.4:*:*:*:*:*:*:*
- cpe:2.3:o:toshibacommerce:4690_point_of_sale_operating_system:6.3:*:*:*:*:*:*:*
- cpe:2.3:o:toshibacommerce:4690_point_of_sale_operating_system:6.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-0361
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 8 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-0361
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.0
|
LOW | AV:L/AC:M/Au:S/C:P/I:P/A:N |
2.7
|
4.9
|
NIST |
CWE ids for CVE-2014-0361
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-0361
-
http://www.kb.cert.org/vuls/id/622950
VU#622950 - Toshiba Global Commerce Solutions' 4690 Point of Sale operating system contains a password hashing algorithm that can be reversedUS Government Resource
-
http://www-01.ibm.com/support/docview.wss?uid=pos1R1005054
IBM notice: The page you requested cannot be displayedVendor Advisory
Jump to