CVE-2011-0887 - Vulnerability Details - OpenCVE

Description

The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie.

Published: 2011-02-08

Score: 4.3 Medium

EPSS: 10.2% Moderate

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

AND

cpe:2.3:h:smc_networks:smcd3g-ccr:*:*:*:*:*:*:*:*

cpe:2.3:a:smc_networks:smcd3g-ccr_firmware:1.4.0.42:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.10232.

Key SSVC decision points have not yet been added.

References

Link	Providers
http://seclists.org/bugtraq/2011/Feb/36
http://secunia.com/advisories/43199
http://securityreason.com/securityalert/8068
http://www.exploit-db.com/exploits/16123/
http://www.securityfocus.com/archive/1/516205/100/0/threaded
http://www.securityfocus.com/bid/46215
https://exchange.xforce.ibmcloud.com/vulnerabilities/65186
https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt

History

No history.

Subscriptions

Smc Networks Smcd3g-ccr Smcd3g-ccr Firmware

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-02-08T21:00:00.000Z

Updated: 2024-08-06T22:05:54.645Z

Reserved: 2011-02-04T00:00:00.000Z

Link: CVE-2011-0887

Vulnrichment

No data.

NVD

Status : Modified

Published: 2011-02-08T22:00:02.213

Modified: 2026-04-29T01:13:23.040

Link: CVE-2011-0887

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-310

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-02-04T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20110204 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://seclists.org/bugtraq/2011/Feb/36"}, {"name": "smcd3gccr-weak-security(65186)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65186"}, {"name": "43199", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43199"}, {"name": "8068", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8068"}, {"name": "46215", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46215"}, {"name": "16123", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/16123/"}, {"name": "20110205 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/516205/100/0/threaded"}, {"tags": ["x_refsource_MISC"], "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-0887", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20110204 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", "refsource": "BUGTRAQ", "url": "http://seclists.org/bugtraq/2011/Feb/36"}, {"name": "smcd3gccr-weak-security(65186)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65186"}, {"name": "43199", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43199"}, {"name": "8068", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8068"}, {"name": "46215", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46215"}, {"name": "16123", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/16123/"}, {"name": "20110205 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/516205/100/0/threaded"}, {"name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt", "refsource": "MISC", "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:05:54.645Z"}, "title": "CVE Program Container", "references": [{"name": "20110204 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://seclists.org/bugtraq/2011/Feb/36"}, {"name": "smcd3gccr-weak-security(65186)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65186"}, {"name": "43199", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43199"}, {"name": "8068", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8068"}, {"name": "46215", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/46215"}, {"name": "16123", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/16123/"}, {"name": "20110205 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/516205/100/0/threaded"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-0887", "datePublished": "2011-02-08T21:00:00.000Z", "dateReserved": "2011-02-04T00:00:00.000Z", "dateUpdated": "2024-08-06T22:05:54.645Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:smc_networks:smcd3g-ccr:*:*:*:*:*:*:*:*", "matchCriteriaId": "F46D2357-91D8-450B-BC97-A0E77E90506D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:smc_networks:smcd3g-ccr_firmware:1.4.0.42:*:*:*:*:*:*:*", "matchCriteriaId": "5A103C00-B625-4E8D-AB50-DC20034624F9", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie."}, {"lang": "es", "value": "El portal de gesti\u00f3n web en el SMC SMCD3G-CCR (tambi\u00e9n conocido como Comcast Business Gateway) con firmware anterior a v1.4.0.49.2 utiliza identificadores sesi\u00f3n de predecibles basados en valores temporales, lo que facilita a los atacantes remotos secuestrar sesiones a trav\u00e9s de un ataque de fuerza bruta sobre la la cookie de ID de usuario."}], "id": "CVE-2011-0887", "lastModified": "2026-04-29T01:13:23.040", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-02-08T22:00:02.213", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://seclists.org/bugtraq/2011/Feb/36"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/43199"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/8068"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/16123/"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/516205/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/46215"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65186"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://seclists.org/bugtraq/2011/Feb/36"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/43199"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/8068"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/16123/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/516205/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/46215"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65186"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-310"}], "source": "nvd@nist.gov", "type": "Primary"}]}