Credentials to access device configuration were transmitted using an unencrypted protocol. These credentials would allow read-only access to network configuration information and terminal configuration data.
History

Fri, 04 Oct 2024 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Echostar
Echostar fusion
Echostar hughes Wl3000
CPEs cpe:2.3:a:hughes:wl300_fusion_software:*:*:*:*:*:*:*:* cpe:2.3:a:echostar:fusion:*:*:*:*:*:*:*:*
cpe:2.3:h:echostar:hughes_wl3000:-:*:*:*:*:*:*:*
Vendors & Products Hughes
Hughes wl300 Fusion Software
Echostar
Echostar fusion
Echostar hughes Wl3000

Thu, 03 Oct 2024 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Hughes
Hughes wl300 Fusion Software
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:hughes:wl300_fusion_software:*:*:*:*:*:*:*:*
Vendors & Products Hughes
Hughes wl300 Fusion Software

Fri, 06 Sep 2024 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 05 Sep 2024 22:45:00 +0000

Type Values Removed Values Added
Description Credentials to access device configuration were transmitted using an unencrypted protocol. These credentials would allow read-only access to network configuration information and terminal configuration data.
Title Hughes Network Systems WL3000 Missing Encryption of Sensitive Data
Weaknesses CWE-311
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2024-09-05T22:41:35.315Z

Updated: 2024-09-06T13:26:24.838Z

Reserved: 2024-08-05T16:23:44.800Z

Link: CVE-2024-42495

cve-icon Vulnrichment

Updated: 2024-09-06T13:26:18.896Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-05T23:15:12.520

Modified: 2024-10-04T14:37:36.703

Link: CVE-2024-42495

cve-icon Redhat

No data.