CVE-2018-16219

A missing password verification in the web interface in AudioCodes 405HD VoIP phone with firmware 2.2.12 allows an remote attacker (in the same network as the device) to change the admin password without authentication via a POST request.

CVSS v3 8.8 HIGH
CVSS v2.0 3.3 LOW

8.8^/10

CVSS v3 : HIGH

Vector : AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability : 2.8 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

3.3^/10

CVSS v2.0 : LOW

Vector : AV:A/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_AudioCodes_405HD.pdf	Mitigation Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:h:audiocodes:405hd:-:*:*:*:*:*:*:*

cpe:2.3:o:audiocodes:405hd_firmware:2.2.12:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-04-25 20:29

Updated : 2019-04-26 19:56

NVD link : CVE-2018-16219

Mitre link : CVE-2018-16219

CVE.ORG link : CVE-2018-16219

JSON object : View

Products Affected

audiocodes

405hd_firmware
405hd

CWE

CWE-287

Improper Authentication

{"id": "CVE-2018-16219", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2019-04-25T20:29:01.850", "references": [{"url": "https://www.sit.fraunhofer.de/fileadmin/dokumente/CVE/Advisory_AudioCodes_405HD.pdf", "tags": ["Mitigation", "Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "A missing password verification in the web interface in AudioCodes 405HD VoIP phone with firmware 2.2.12 allows an remote attacker (in the same network as the device) to change the admin password without authentication via a POST request."}, {"lang": "es", "value": "Una falta de verificaci\u00f3n de contrase\u00f1as en la interfaz web del tel\u00e9fono VoIP AudioCodes 405HD, con firmware 2.2.12, permite a un atacante remoto (en la misma red que el dispositivo) cambiar la contrase\u00f1a del administrador sin necesidad de autenticaci\u00f3n a trav\u00e9s de una solicitud POST."}], "lastModified": "2019-04-26T19:56:22.323", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:audiocodes:405hd:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "67577D7D-EFCD-4CC1-8492-39D36817BAC8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:audiocodes:405hd_firmware:2.2.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1189322-CAF1-4E31-8D0C-9C546D423861"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}