Vulnerability Details : CVE-2018-12338
Undocumented Factory Backdoor in ECOS System Management Appliance (aka SMA) 5.2.68 allows the vendor to extract confidential information and manipulate security relevant configurations via remote root SSH access.
Products affected by CVE-2018-12338
- cpe:2.3:a:ecos:system_management_appliance:5.2.68:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-12338
0.22%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 60 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-12338
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
References for CVE-2018-12338
-
https://telematik.prakinf.tu-ilmenau.de/ecos-sbs/advisory.html
Mitigation;Third Party Advisory
Jump to