Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos network. Profiles can only be exported by authenticated users with higher privilege of write access.
Los archivos de perfil de las radios de la serie TRO600 se extraen en formato de texto plano y en formato de archivo cifrado. Los archivos de perfil proporcionan a los posibles atacantes informaciĆ³n valiosa sobre la configuraciĆ³n de la red Tropos. Los perfiles solo pueden ser exportados por usuarios autenticados con acceso de escritura.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | HIGH |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | LOW |
| Integrity Impact | NONE |
| Availability Impact | NONE |
| Source | Type | Description |
|---|---|---|
| [email protected] | Secondary |
en
CWE-212
|
| [email protected] | Primary |
en
CWE-212
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| hitachienergy | tro610_firmware | * | <built-in method update of dict object at 0x72a9b0c990c0> | Operating System |
| hitachienergy | tro620_firmware | * | <built-in method update of dict object at 0x72a9cc557440> | Operating System |
| hitachienergy | tro670_firmware | * | <built-in method update of dict object at 0x72a9cd0c2b80> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:tro610_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:tro610:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:tro620_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:tro620:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:hitachienergy:tro670_firmware:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| No | cpe:2.3:h:hitachienergy:tro670:-:*:*:*:*:*:*:* |