{"containers": {"cna": {"affected": [{"product": "DV-IP Express", "vendor": "Dedicated Micros", "versions": [{"status": "affected", "version": "unknown"}]}, {"product": "SD Advanced", "vendor": "Dedicated Micros", "versions": [{"status": "affected", "version": "unknown"}]}, {"product": "SD", "vendor": "Dedicated Micros", "versions": [{"status": "affected", "version": "unknown"}]}, {"product": "EcoSense", "vendor": "Dedicated Micros", "versions": [{"status": "affected", "version": "unknown"}]}, {"product": "DS2", "vendor": "Dedicated Micros", "versions": [{"status": "affected", "version": "unknown"}]}], "datePublic": "2015-08-20T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices rely on a GUI warning to help ensure that the administrator configures login credentials, which makes it easier for remote attackers to obtain access by leveraging situations in which this warning was not heeded. NOTE: the vendor states \"The user is presented with clear warnings on the GUI that they should set usernames and passwords.\""}], "problemTypes": [{"descriptions": [{"description": "Other", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-02-06T14:14:50.000Z", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://cybergibbons.com/security-2/shodan-searches/interesting-shodan-searches-sd-advanced-dvrs/"}, {"tags": ["x_refsource_MISC"], "url": "http://www.kb.cert.org/vuls/id/276148"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2015-2909", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "DV-IP Express", "version": {"version_data": [{"version_value": "unknown"}]}}, {"product_name": "SD Advanced", "version": {"version_data": [{"version_value": "unknown"}]}}, {"product_name": "SD", "version": {"version_data": [{"version_value": "unknown"}]}}, {"product_name": "EcoSense", "version": {"version_data": [{"version_value": "unknown"}]}}, {"product_name": "DS2", "version": {"version_data": [{"version_value": "unknown"}]}}]}, "vendor_name": "Dedicated Micros"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices rely on a GUI warning to help ensure that the administrator configures login credentials, which makes it easier for remote attackers to obtain access by leveraging situations in which this warning was not heeded. NOTE: the vendor states \"The user is presented with clear warnings on the GUI that they should set usernames and passwords.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Other"}]}]}, "references": {"reference_data": [{"name": "http://cybergibbons.com/security-2/shodan-searches/interesting-shodan-searches-sd-advanced-dvrs/", "refsource": "MISC", "url": "http://cybergibbons.com/security-2/shodan-searches/interesting-shodan-searches-sd-advanced-dvrs/"}, {"name": "http://www.kb.cert.org/vuls/id/276148", "refsource": "MISC", "url": "http://www.kb.cert.org/vuls/id/276148"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:32:20.363Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://cybergibbons.com/security-2/shodan-searches/interesting-shodan-searches-sd-advanced-dvrs/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/276148"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2015-2909", "datePublished": "2020-02-06T14:14:50.000Z", "dateReserved": "2015-04-03T00:00:00.000Z", "dateUpdated": "2024-08-06T05:32:20.363Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:dv-ip_express_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8F384B2-8664-4BB8-9111-6D74780C27F7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:dv-ip_express:-:*:*:*:*:*:*:*", "matchCriteriaId": "602C10B4-BF3C-47D4-A94E-42F012400DFA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:sd-advanced_-_sdhd_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "332B9E94-BC28-4E58-9BE1-66712B730FF6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:sd-advanced_-_sdhd:*:*:*:*:*:*:*:*", "matchCriteriaId": "74F3EEE6-025E-47C3-BD0B-6141B59121C4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:sd-advanced_8\\/12\\/16_vga_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "26A732B4-B87B-4DE7-8FCD-37261CC4756B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:sd-advanced_8\\/12\\/16_vga:-:*:*:*:*:*:*:*", "matchCriteriaId": "49BDBE71-B297-457C-AB47-77D3A2CCD9F8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:sd_advanced_closed_iptv_\\(m3u\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A456130-FB52-4BDA-A7DE-C0D4569CD6F6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:sd_advanced_closed_iptv_\\(m3u\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "6EEB3DD3-B4AF-455E-82A4-5CB0E3208154", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:sd_advanced_non_closed_iptv_\\(m3u\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2BA14D2-6872-40E2-9854-0C347EEA85E0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:sd_advanced_non_closed_iptv_\\(m3u\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "6E1188D9-FF5B-4871-B6F8-9CB2C5E198E2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:sd_advanced_nvr_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2C7C9B70-F481-4103-94AF-D7B564B92C41", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:sd_advanced_nvr:-:*:*:*:*:*:*:*", "matchCriteriaId": "003BBE05-7606-4FBE-95CF-F0EB5494ED89", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:sd_32_\\(m3g\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6C02755-872D-41E8-909B-F7B0C73D773C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:sd_32_\\(m3g\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "00EFD5DE-1C95-41E9-AA2C-28ADA6FE5ED4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:sd_32_\\(m3h\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6D763480-5F17-472B-9194-DF7FEB1EDB8A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:sd_32_\\(m3h\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "3290653A-7F36-4FF9-A996-80095758FAFD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:sd_4_\\(m3s\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0AA83431-215A-42BD-BC18-A3409EB19439", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:sd_4_\\(m3s\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "25710A9E-8FAE-4A77-8561-ADD63A637387", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:sd_4_\\(m3t\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1ABA204-F560-4340-A268-1E3F9074DEB1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:sd_4_\\(m3t\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "661D6443-8174-4A9E-AAA7-775B6D82C64F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:sd_8\\/12\\/16_no_kbd_\\(m3r\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8BAF6E88-F220-4572-8D5B-AFAB58E8D2B9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:sd_8\\/12\\/16_no_kbd_\\(m3r\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "DE8B7F37-743C-42B5-9DAE-468451D75D0E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:sd_8\\/12\\/16_no_kbd_\\(m3s\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9AA0634A-FEA9-47E9-B9FC-0AEF2209D97C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:sd_8\\/12\\/16_no_kbd_\\(m3s\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "ACC93B21-9FA0-473E-8454-AD2FF091CC2A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:sd_8\\/16_front_panel_kbd_\\(m3r\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5A8804F1-E3E7-42F7-81D9-8C4EDF5339EB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:sd_8\\/16_front_panel_kbd_\\(m3r\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "50FE059B-8B29-4855-8E25-5008090E8173", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:sd_8\\/16_front_panel_kbd_\\(m3u\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "76114EEC-1948-4D24-B2B5-37FA941CAD09", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:sd_8\\/16_front_panel_kbd_\\(m3u\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "FF6E9E35-2A14-4B0F-B36A-1BE3A1575DEC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:ecosense_4\\/8\\/16_\\(m4t\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "765CFEBA-0DA1-4391-8022-F2B142502E99", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:ecosense_4\\/8\\/16_\\(m4t\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "24641CF1-970A-4344-B4B7-EE7CE2C14D78", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:ds2_\\(dvtr\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "826C5088-35A6-4288-868F-AE72DDC14336", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:ds2_\\(dvtr\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "C7BCF22E-A5EA-4975-A282-4B80A35E8C14", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:ds2_\\(dvtu\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BA8A86B-648F-4E8E-8320-2FF455F05BC6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:ds2_\\(dvtu\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "D0F4A60E-8EF0-42FD-9D54-502EF0954C8A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:ds2_\\(dvtx\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9AA8CF54-4767-4689-85EF-710754D6FAA9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:ds2_\\(dvtx\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "F8ECD808-156E-4936-B237-75CB29D3DB6F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:ds2_\\(dvtx\\)_netvu_connected_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B80E270E-55E1-464C-BC7F-948DD1890160", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:ds2_\\(dvtx\\)_netvu_connected:-:*:*:*:*:*:*:*", "matchCriteriaId": "66EB08A9-11C0-4629-9FD9-DA6178A301B1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netvu:ds2_\\(m2ip\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BB5B90CC-181D-4278-9157-3AF3A2F4365E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netvu:ds2_\\(m2ip\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "B9430043-BEE0-41EF-A731-4290796A927E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices rely on a GUI warning to help ensure that the administrator configures login credentials, which makes it easier for remote attackers to obtain access by leveraging situations in which this warning was not heeded. NOTE: the vendor states \"The user is presented with clear warnings on the GUI that they should set usernames and passwords.\""}, {"lang": "es", "value": "Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense y DS2 se basan en una advertencia de la GUI para ayudar a garantizar que el administrador configure las credenciales de inicio de sesi\u00f3n, lo que facilita a atacantes remotos obtener acceso mediante el aprovechamiento de situaciones en las que a esta advertencia no se le prest\u00f3 atenci\u00f3n. NOTA: el proveedor declara \"El usuario se le presentan advertencias claras en la GUI de que deben configurar los nombres de usuario y contrase\u00f1as\"."}], "id": "CVE-2015-2909", "lastModified": "2024-11-21T02:28:18.260", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-02-06T15:15:11.047", "references": [{"source": "cret@cert.org", "tags": ["Exploit", "Third Party Advisory"], "url": "http://cybergibbons.com/security-2/shodan-searches/interesting-shodan-searches-sd-advanced-dvrs/"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/276148"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "http://cybergibbons.com/security-2/shodan-searches/interesting-shodan-searches-sd-advanced-dvrs/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/276148"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}