NVD

Id
30790  
Name
CVE-2014-2361  
Description
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.  
Reject
 
CVSS Version
2  
CVSS Score
7.2  
Severity
High  
CVSS Base Score
7.2  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2014-07-24  
Modified Date
2016-11-28  
Seq
2014-2361  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
162181 30790 CVE-2014-2361 http://ics-cert.us-cert.gov/advisories/ICSA-14-202-01  View
162182 30790 CVE-2014-2361 68795  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
14681 JVNDB-2014-003556 OleumTech WIO DH2 Wireless Gateway および Sensor Wireless I/O Module における通信を偽装される脆弱性 OleumTech WIO DH2 Wireless Gateway および Sensor Wireless I/O Module は、BreeZ が使用されている際、サイトのセキュリティキーの読み取りに対して認証を要求しないため、通信を偽装される脆弱性が存在します。 CVE-2014-2361 69648 CVE-2014-2361 30790 7.2 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003556.html 2014-07-21 2014-07-25 View