CVE: CVE-2005-3140

Export to Word

Procom NetFORCE 800 4.02 M10 Build 20 and possibly other versions sends the NIS password map (passwd.nis) as a file attachment in diagnostic e-mail messages, which allows remote attackers to obtain the cleartext NIS password hashes.

Threat-Mapped Scoring

Score: 3.25

Priority: P2 - Serious (High)

S1 – Steal Customer Account Information
S9 – Sabotage of System/App (+0.25 bonus)

EPSS

Score: 0.0047
Percentile: 0.63616

CVSS Scoring

CVSS v3.1 Score: 7.5

Severity: HIGH

Mapped CWE(s)

CWE-319 : Cleartext Transmission of Sensitive Information

All CAPEC(s)

CAPEC-102: Session Sidejacking
CAPEC-117: Interception
CAPEC-383: Harvesting Information via API Event Monitoring
CAPEC-477: Signature Spoofing by Mixing Signed and Unsigned Content
CAPEC-65: Sniff Application Code

CAPEC(s) with Mapped TTPs

CAPEC-383: Harvesting Information via API Event Monitoring
Mapped TTPs:
- T1056.004 : Credential API Hooking
CAPEC-65: Sniff Application Code
Mapped TTPs:
- T1040 : Network Sniffing

Mapped ATT&CK TTPs

T1056.004 : Credential API Hooking
Kill Chain: collection
T1040 : Network Sniffing
Kill Chain: credential-access

Malware

APTs Threat Group Associations

Campaigns

ArcaneDoor
2015 Ukraine Electric Power Attack

Affected Products

cpe:2.3:o:procom:netforce_800_firmware:4.02:m10:*:*:*:*:*:*

← Back to Home