CVE-2011-0887 - Vulnerability Details - OpenCVE

The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.10232.

Key SSVC decision points have not yet been added.

Vendors	Products
Smc Networks Subscribe	Smcd3g-ccr Subscribe Smcd3g-ccr Firmware Subscribe

Configuration 1 [-]

AND

cpe:2.3:h:smc_networks:smcd3g-ccr:*:*:*:*:*:*:*:*

cpe:2.3:a:smc_networks:smcd3g-ccr_firmware:1.4.0.42:*:*:*:*:*:*:*

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://seclists.org/bugtraq/2011/Feb/36
http://secunia.com/advisories/43199
http://securityreason.com/securityalert/8068
http://www.exploit-db.com/exploits/16123/
http://www.securityfocus.com/archive/1/516205/100/0/threaded
http://www.securityfocus.com/bid/46215
https://exchange.xforce.ibmcloud.com/vulnerabilities/65186
https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-02-08T21:00:00

Updated: 2024-08-06T22:05:54.645Z

Reserved: 2011-02-04T00:00:00

Link: CVE-2011-0887

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2011-02-08T22:00:02.213

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-0887

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-310

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-02-04T00:00:00", "descriptions": [{"lang": "en", "value": "The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20110204 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://seclists.org/bugtraq/2011/Feb/36"}, {"name": "smcd3gccr-weak-security(65186)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65186"}, {"name": "43199", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43199"}, {"name": "8068", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8068"}, {"name": "46215", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46215"}, {"name": "16123", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/16123/"}, {"name": "20110205 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/516205/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-0887", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20110204 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", "refsource": "BUGTRAQ", "url": "http://seclists.org/bugtraq/2011/Feb/36"}, {"name": "smcd3gccr-weak-security(65186)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65186"}, {"name": "43199", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43199"}, {"name": "8068", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8068"}, {"name": "46215", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46215"}, {"name": "16123", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/16123/"}, {"name": "20110205 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/516205/100/0/threaded"}, {"name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt", "refsource": "MISC", "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:05:54.645Z"}, "title": "CVE Program Container", "references": [{"name": "20110204 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://seclists.org/bugtraq/2011/Feb/36"}, {"name": "smcd3gccr-weak-security(65186)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65186"}, {"name": "43199", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43199"}, {"name": "8068", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8068"}, {"name": "46215", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/46215"}, {"name": "16123", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/16123/"}, {"name": "20110205 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/516205/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-0887", "datePublished": "2011-02-08T21:00:00", "dateReserved": "2011-02-04T00:00:00", "dateUpdated": "2024-08-06T22:05:54.645Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:smc_networks:smcd3g-ccr:*:*:*:*:*:*:*:*", "matchCriteriaId": "F46D2357-91D8-450B-BC97-A0E77E90506D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:smc_networks:smcd3g-ccr_firmware:1.4.0.42:*:*:*:*:*:*:*", "matchCriteriaId": "5A103C00-B625-4E8D-AB50-DC20034624F9", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie."}, {"lang": "es", "value": "El portal de gesti\u00f3n web en el SMC SMCD3G-CCR (tambi\u00e9n conocido como Comcast Business Gateway) con firmware anterior a v1.4.0.49.2 utiliza identificadores sesi\u00f3n de predecibles basados en valores temporales, lo que facilita a los atacantes remotos secuestrar sesiones a trav\u00e9s de un ataque de fuerza bruta sobre la la cookie de ID de usuario."}], "id": "CVE-2011-0887", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-02-08T22:00:02.213", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://seclists.org/bugtraq/2011/Feb/36"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/43199"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/8068"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/16123/"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/516205/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/46215"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65186"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://seclists.org/bugtraq/2011/Feb/36"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43199"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/8068"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/16123/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/516205/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/46215"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65186"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-310"}], "source": "nvd@nist.gov", "type": "Primary"}]}