CVE-2020-29055

24.11.2020, 21:15

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. By default, the appliance can be managed remotely only with HTTP, telnet, and SNMP. It doesn't support SSL/TLS for HTTP or SSH. An attacker can intercept passwords sent in cleartext and conduct man-in-the-middle attacks on the management of the appliance.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.9 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 33%

Vendor	Product	Version
cdatatec	72408a_firmware	1.2.2
cdatatec	72408a_firmware	2.4.03_000:_000
cdatatec	72408a_firmware	2.4.04_001:_001
cdatatec	72408a_firmware	2.4.05_000:_000
cdatatec	9008a_firmware	1.2.2
cdatatec	9008a_firmware	2.4.03_000:_000
cdatatec	9008a_firmware	2.4.04_001:_001
cdatatec	9008a_firmware	2.4.05_000:_000
cdatatec	9016a_firmware	1.2.2
cdatatec	9016a_firmware	2.4.03_000:_000
cdatatec	9016a_firmware	2.4.04_001:_001
cdatatec	9016a_firmware	2.4.05_000:_000
cdatatec	92408a_firmware	1.2.2
cdatatec	92408a_firmware	2.4.03_000:_000
cdatatec	92408a_firmware	2.4.04_001:_001
cdatatec	92408a_firmware	2.4.05_000:_000
cdatatec	92416a_firmware	1.2.2
cdatatec	92416a_firmware	2.4.03_000:_000
cdatatec	92416a_firmware	2.4.04_001:_001
cdatatec	92416a_firmware	2.4.05_000:_000
cdatatec	9288_firmware	1.2.2
cdatatec	9288_firmware	2.4.03_000:_000
cdatatec	9288_firmware	2.4.04_001:_001
cdatatec	9288_firmware	2.4.05_000:_000
cdatatec	97016_firmware	1.2.2
cdatatec	97016_firmware	2.4.03_000:_000
cdatatec	97016_firmware	2.4.04_001:_001
cdatatec	97016_firmware	2.4.05_000:_000
cdatatec	97024p_firmware	1.2.2
cdatatec	97024p_firmware	2.4.03_000:_000
cdatatec	97024p_firmware	2.4.04_001:_001
cdatatec	97024p_firmware	2.4.05_000:_000
cdatatec	97028p_firmware	1.2.2
cdatatec	97028p_firmware	2.4.03_000:_000
cdatatec	97028p_firmware	2.4.04_001:_001
cdatatec	97028p_firmware	2.4.05_000:_000
cdatatec	97042p_firmware	1.2.2
cdatatec	97042p_firmware	2.4.03_000:_000
cdatatec	97042p_firmware	2.4.04_001:_001
cdatatec	97042p_firmware	2.4.05_000:_000
cdatatec	97084p_firmware	1.2.2
cdatatec	97084p_firmware	2.4.03_000:_000
cdatatec	97084p_firmware	2.4.04_001:_001
cdatatec	97084p_firmware	2.4.05_000:_000
cdatatec	97168p_firmware	1.2.2
cdatatec	97168p_firmware	2.4.03_000:_000
cdatatec	97168p_firmware	2.4.04_001:_001
cdatatec	97168p_firmware	2.4.05_000:_000
cdatatec	fd1002s_firmware	1.2.2
cdatatec	fd1002s_firmware	2.4.03_000:_000
cdatatec	fd1002s_firmware	2.4.04_001:_001
cdatatec	fd1002s_firmware	2.4.05_000:_000
cdatatec	fd1104_firmware	1.2.2
cdatatec	fd1104_firmware	2.4.03_000:_000
cdatatec	fd1104_firmware	2.4.04_001:_001
cdatatec	fd1104_firmware	2.4.05_000:_000
cdatatec	fd1104b_firmware	1.2.2
cdatatec	fd1104b_firmware	2.4.03_000:_000
cdatatec	fd1104b_firmware	2.4.04_001:_001
cdatatec	fd1104b_firmware	2.4.05_000:_000
cdatatec	fd1104s_firmware	1.2.2
cdatatec	fd1104s_firmware	2.4.03_000:_000
cdatatec	fd1104s_firmware	2.4.04_001:_001
cdatatec	fd1104s_firmware	2.4.05_000:_000
cdatatec	fd1104sn_firmware	1.2.2
cdatatec	fd1104sn_firmware	2.4.03_000:_000
cdatatec	fd1104sn_firmware	2.4.04_001:_001
cdatatec	fd1104sn_firmware	2.4.05_000:_000
cdatatec	fd1108s_firmware	1.2.2
cdatatec	fd1108s_firmware	2.4.03_000:_000
cdatatec	fd1108s_firmware	2.4.04_001:_001
cdatatec	fd1108s_firmware	2.4.05_000:_000
cdatatec	fd1204s-r2_firmware	1.2.2
cdatatec	fd1204s-r2_firmware	2.4.03_000:_000
cdatatec	fd1204s-r2_firmware	2.4.04_001:_001
cdatatec	fd1204s-r2_firmware	2.4.05_000:_000
cdatatec	fd1204sn_firmware	1.2.2
cdatatec	fd1204sn_firmware	2.4.03_000:_000
cdatatec	fd1204sn_firmware	2.4.04_001:_001
cdatatec	fd1204sn_firmware	2.4.05_000:_000
cdatatec	fd1204sn-r2_firmware	1.2.2
cdatatec	fd1204sn-r2_firmware	2.4.03_000:_000
cdatatec	fd1204sn-r2_firmware	2.4.04_001:_001
cdatatec	fd1204sn-r2_firmware	2.4.05_000:_000
cdatatec	fd1208s-r2_firmware	1.2.2
cdatatec	fd1208s-r2_firmware	2.4.03_000:_000
cdatatec	fd1208s-r2_firmware	2.4.04_001:_001
cdatatec	fd1208s-r2_firmware	2.4.05_000:_000
cdatatec	fd1216s-r1_firmware	1.2.2
cdatatec	fd1216s-r1_firmware	2.4.03_000:_000
cdatatec	fd1216s-r1_firmware	2.4.04_001:_001
cdatatec	fd1216s-r1_firmware	2.4.05_000:_000
cdatatec	fd1608gs_firmware	1.2.2
cdatatec	fd1608gs_firmware	2.4.03_000:_000
cdatatec	fd1608gs_firmware	2.4.04_001:_001
cdatatec	fd1608gs_firmware	2.4.05_000:_000
cdatatec	fd1608sn_firmware	1.2.2
cdatatec	fd1608sn_firmware	2.4.03_000:_000
cdatatec	fd1608sn_firmware	2.4.04_001:_001
cdatatec	fd1608sn_firmware	2.4.05_000:_000
cdatatec	fd1616gs_firmware	1.2.2
cdatatec	fd1616gs_firmware	2.4.03_000:_000
cdatatec	fd1616gs_firmware	2.4.04_001:_001
cdatatec	fd1616gs_firmware	2.4.05_000:_000
cdatatec	fd1616sn_firmware	1.2.2
cdatatec	fd1616sn_firmware	2.4.03_000:_000
cdatatec	fd1616sn_firmware	2.4.04_001:_001
cdatatec	fd1616sn_firmware	2.4.05_000:_000
cdatatec	fd8000_firmware	1.2.2
cdatatec	fd8000_firmware	2.4.03_000:_000
cdatatec	fd8000_firmware	2.4.04_001:_001
cdatatec	fd8000_firmware	2.4.05_000:_000

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-319 - Cleartext Transmission of Sensitive Information
The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

References

https://pierrekim.github.io/blog/2020-07-07-cdata-olt-0day-vulnerabilities.html