CVE-2013-4876

{"id": "CVE-2013-4876", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 1.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-07-18T16:51:40.393", "references": [{"url": "http://www.kb.cert.org/vuls/id/458007", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/BLUU-997M5B", "tags": ["US Government Resource"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-255"}]}], "descriptions": [{"lang": "en", "value": "The Verizon Wireless Network Extender SCS-2U01 has a hardcoded password for the root account, which makes it easier for physically proximate attackers to obtain administrative access by leveraging a login prompt."}, {"lang": "es", "value": "El Verizon Wireless Network Extender SCS-26UC4 tiene un password embebido para la cuenta de root, lo que hace m\u00e1s facil para un atacante f\u00edsicamente pr\u00f3ximo obtener acceso administrativo mediante el aprovechamiento de un prompt de login."}], "lastModified": "2013-07-19T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:verizon:wireless_network_extender:scs-2u01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D36CAEBA-1928-4DD0-B5DC-7A05B4C4FED7"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}