CVE-2018-12338

Undocumented Factory Backdoor in ECOS System Management Appliance (aka SMA) 5.2.68 allows the vendor to extract confidential information and manipulate security relevant configurations via remote root SSH access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
ecossystem_management_appliance
5.2.68
𝑥
= Vulnerable software versions
References
https://telematik.prakinf.tu-ilmenau.de/ecos-sbs/advisory.html
https://telematik.prakinf.tu-ilmenau.de/ecos-sbs/advisory.html