Search
Find a vulnerability
Search criteria
3 vulnerabilities by exagrid
VAR-201704-0308
Vulnerability from variot - Updated: 2025-04-20 23:32ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session. ExaGrid is prone to multiple unauthorized-access vulnerabilities. Successfully exploiting these issues may allow an attacker to gain unauthorized access, obtain sensitive information and perform unauthorized actions; This may lead to other attacks. ExaGrid is a backup and recovery storage device based on the Linux platform of ExaGrid Company of the United States that provides deduplication function. ExaGrid appliances using firmware versions prior to 4.8 P26 have a security vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0308",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ex10000e",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
},
{
"model": "ex13000e",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
},
{
"model": "ex21000e",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
},
{
"model": "ex3000",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
},
{
"model": "ex32000e",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
},
{
"model": "ex40000e",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
},
{
"model": "ex5000",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008502"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-168"
},
{
"db": "NVD",
"id": "CVE-2016-1560"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:exagrid:ex10000e_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:exagrid:ex13000e_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:exagrid:ex21000e_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:exagrid:ex3000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:exagrid:ex32000e_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:exagrid:ex40000e_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:exagrid:ex5000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:exagrid:ex7000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008502"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "egypt",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-168"
}
],
"trust": 0.6
},
"cve": "CVE-2016-1560",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-1560",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-90379",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-1560",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1560",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2016-1560",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-168",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-90379",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-1560",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90379"
},
{
"db": "VULMON",
"id": "CVE-2016-1560"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008502"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-168"
},
{
"db": "NVD",
"id": "CVE-2016-1560"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session. ExaGrid is prone to multiple unauthorized-access vulnerabilities. \nSuccessfully exploiting these issues may allow an attacker to gain unauthorized access, obtain sensitive information and perform unauthorized actions; This may lead to other attacks. ExaGrid is a backup and recovery storage device based on the Linux platform of ExaGrid Company of the United States that provides deduplication function. ExaGrid appliances using firmware versions prior to 4.8 P26 have a security vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1560"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008502"
},
{
"db": "BID",
"id": "86020"
},
{
"db": "VULHUB",
"id": "VHN-90379"
},
{
"db": "VULMON",
"id": "CVE-2016-1560"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-90379",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=41680",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90379"
},
{
"db": "VULMON",
"id": "CVE-2016-1560"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1560",
"trust": 2.9
},
{
"db": "PACKETSTORM",
"id": "136634",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008502",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-168",
"trust": 0.7
},
{
"db": "BID",
"id": "86020",
"trust": 0.4
},
{
"db": "EXPLOIT-DB",
"id": "41680",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-90379",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-1560",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90379"
},
{
"db": "VULMON",
"id": "CVE-2016-1560"
},
{
"db": "BID",
"id": "86020"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008502"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-168"
},
{
"db": "NVD",
"id": "CVE-2016-1560"
}
]
},
"id": "VAR-201704-0308",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90379"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-20T23:32:59.860000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.exagrid.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008502"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90379"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008502"
},
{
"db": "NVD",
"id": "CVE-2016-1560"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://packetstormsecurity.com/files/136634/exagrid-known-ssh-key-default-password.html"
},
{
"trust": 1.9,
"url": "http://www.rapid7.com/db/modules/exploit/linux/ssh/exagrid_known_privkey"
},
{
"trust": 1.8,
"url": "https://community.rapid7.com/community/infosec/blog/2016/04/07/r7-2016-04-exagrid-backdoor-ssh-keys-and-hardcoded-credentials"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1560"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1560"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/86020"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/41680/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90379"
},
{
"db": "VULMON",
"id": "CVE-2016-1560"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008502"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-168"
},
{
"db": "NVD",
"id": "CVE-2016-1560"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90379"
},
{
"db": "VULMON",
"id": "CVE-2016-1560"
},
{
"db": "BID",
"id": "86020"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008502"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-168"
},
{
"db": "NVD",
"id": "CVE-2016-1560"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-21T00:00:00",
"db": "VULHUB",
"id": "VHN-90379"
},
{
"date": "2017-04-21T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1560"
},
{
"date": "2016-04-06T00:00:00",
"db": "BID",
"id": "86020"
},
{
"date": "2017-05-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008502"
},
{
"date": "2016-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-168"
},
{
"date": "2017-04-21T20:59:00.447000",
"db": "NVD",
"id": "CVE-2016-1560"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-27T00:00:00",
"db": "VULHUB",
"id": "VHN-90379"
},
{
"date": "2017-04-27T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1560"
},
{
"date": "2016-04-06T00:00:00",
"db": "BID",
"id": "86020"
},
{
"date": "2017-05-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008502"
},
{
"date": "2017-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-168"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2016-1560"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-168"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ExaGrid Vulnerabilities that can gain management access in appliance firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008502"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-168"
}
],
"trust": 0.6
}
}
VAR-201704-0309
Vulnerability from variot - Updated: 2025-04-20 23:32ExaGrid appliances with firmware before 4.8 P26 have a default SSH public key in the authorized_keys file for root, which allows remote attackers to obtain SSH access by leveraging knowledge of a private key from another installation or a firmware image. ExaGrid is prone to multiple unauthorized-access vulnerabilities. Successfully exploiting these issues may allow an attacker to gain unauthorized access, obtain sensitive information and perform unauthorized actions; This may lead to other attacks. ExaGrid is a backup and recovery storage device based on the Linux platform of ExaGrid Company of the United States that provides deduplication function. ExaGrid appliances using firmware versions prior to 4.8 P26 have a security vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0309",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ex10000e",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
},
{
"model": "ex13000e",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
},
{
"model": "ex21000e",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
},
{
"model": "ex3000",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
},
{
"model": "ex32000e",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
},
{
"model": "ex40000e",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
},
{
"model": "ex5000",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
},
{
"model": "ex7000",
"scope": "eq",
"trust": 2.4,
"vendor": "exagrid",
"version": "4.8"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008503"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-169"
},
{
"db": "NVD",
"id": "CVE-2016-1561"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:exagrid:ex10000e_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:exagrid:ex13000e_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:exagrid:ex21000e_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:exagrid:ex3000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:exagrid:ex32000e_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:exagrid:ex40000e_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:exagrid:ex5000_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:exagrid:ex7000_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008503"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "egypt",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-169"
}
],
"trust": 0.6
},
"cve": "CVE-2016-1561",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2016-1561",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-90380",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2016-1561",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-1561",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-1561",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-169",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-90380",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-1561",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90380"
},
{
"db": "VULMON",
"id": "CVE-2016-1561"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008503"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-169"
},
{
"db": "NVD",
"id": "CVE-2016-1561"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ExaGrid appliances with firmware before 4.8 P26 have a default SSH public key in the authorized_keys file for root, which allows remote attackers to obtain SSH access by leveraging knowledge of a private key from another installation or a firmware image. ExaGrid is prone to multiple unauthorized-access vulnerabilities. \nSuccessfully exploiting these issues may allow an attacker to gain unauthorized access, obtain sensitive information and perform unauthorized actions; This may lead to other attacks. ExaGrid is a backup and recovery storage device based on the Linux platform of ExaGrid Company of the United States that provides deduplication function. ExaGrid appliances using firmware versions prior to 4.8 P26 have a security vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1561"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008503"
},
{
"db": "BID",
"id": "86020"
},
{
"db": "VULHUB",
"id": "VHN-90380"
},
{
"db": "VULMON",
"id": "CVE-2016-1561"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-90380",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=41680",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90380"
},
{
"db": "VULMON",
"id": "CVE-2016-1561"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1561",
"trust": 2.9
},
{
"db": "PACKETSTORM",
"id": "136634",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008503",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-169",
"trust": 0.7
},
{
"db": "BID",
"id": "86020",
"trust": 0.4
},
{
"db": "EXPLOIT-DB",
"id": "41680",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-90380",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-1561",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90380"
},
{
"db": "VULMON",
"id": "CVE-2016-1561"
},
{
"db": "BID",
"id": "86020"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008503"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-169"
},
{
"db": "NVD",
"id": "CVE-2016-1561"
}
]
},
"id": "VAR-201704-0309",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90380"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-20T23:32:59.825000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.exagrid.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008503"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90380"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008503"
},
{
"db": "NVD",
"id": "CVE-2016-1561"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://packetstormsecurity.com/files/136634/exagrid-known-ssh-key-default-password.html"
},
{
"trust": 1.9,
"url": "http://www.rapid7.com/db/modules/exploit/linux/ssh/exagrid_known_privkey"
},
{
"trust": 1.8,
"url": "https://community.rapid7.com/community/infosec/blog/2016/04/07/r7-2016-04-exagrid-backdoor-ssh-keys-and-hardcoded-credentials"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1561"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-1561"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.securityfocus.com/bid/86020"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/41680/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90380"
},
{
"db": "VULMON",
"id": "CVE-2016-1561"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008503"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-169"
},
{
"db": "NVD",
"id": "CVE-2016-1561"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90380"
},
{
"db": "VULMON",
"id": "CVE-2016-1561"
},
{
"db": "BID",
"id": "86020"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008503"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-169"
},
{
"db": "NVD",
"id": "CVE-2016-1561"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-21T00:00:00",
"db": "VULHUB",
"id": "VHN-90380"
},
{
"date": "2017-04-21T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1561"
},
{
"date": "2016-04-06T00:00:00",
"db": "BID",
"id": "86020"
},
{
"date": "2017-05-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008503"
},
{
"date": "2016-04-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-169"
},
{
"date": "2017-04-21T20:59:00.477000",
"db": "NVD",
"id": "CVE-2016-1561"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-04-27T00:00:00",
"db": "VULHUB",
"id": "VHN-90380"
},
{
"date": "2017-04-27T00:00:00",
"db": "VULMON",
"id": "CVE-2016-1561"
},
{
"date": "2016-04-06T00:00:00",
"db": "BID",
"id": "86020"
},
{
"date": "2017-05-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008503"
},
{
"date": "2017-04-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-169"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2016-1561"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-169"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ExaGrid In the appliance firmware SSH Vulnerability for which access rights are acquired",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008503"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-169"
}
],
"trust": 0.6
}
}
VAR-201906-0581
Vulnerability from variot - Updated: 2024-11-23 22:55ExaGrid appliances with firmware version v4.8.1.1044.P50 have a /monitor/data/Upgrade/ directory traversal vulnerability, which allows remote attackers to view and retrieve verbose logging information. Files within this directory were observed to contain sensitive run-time information, including Base64 encoded 'support' credentials, leading to administrative access of the device. ExaGrid The appliance firmware contains a path traversal vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ExaGrid appliances are a disk backup application. The vulnerability stems from a network system or product that fails to properly filter resources or special elements in file paths. An attacker could exploit this vulnerability to access locations outside of restricted directories
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-0581",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "backup appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "exagrid",
"version": "48.1.1044.p50"
},
{
"model": "backup appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "exagrid",
"version": "4.8.1.1044.p50"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005125"
},
{
"db": "NVD",
"id": "CVE-2019-12310"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:exagrid:backup_appliance_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005125"
}
]
},
"cve": "CVE-2019-12310",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-12310",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-144044",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-12310",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-12310",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-12310",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-020",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-144044",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-12310",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-144044"
},
{
"db": "VULMON",
"id": "CVE-2019-12310"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005125"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-020"
},
{
"db": "NVD",
"id": "CVE-2019-12310"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ExaGrid appliances with firmware version v4.8.1.1044.P50 have a /monitor/data/Upgrade/ directory traversal vulnerability, which allows remote attackers to view and retrieve verbose logging information. Files within this directory were observed to contain sensitive run-time information, including Base64 encoded \u0027support\u0027 credentials, leading to administrative access of the device. ExaGrid The appliance firmware contains a path traversal vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ExaGrid appliances are a disk backup application. The vulnerability stems from a network system or product that fails to properly filter resources or special elements in file paths. An attacker could exploit this vulnerability to access locations outside of restricted directories",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-12310"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005125"
},
{
"db": "VULHUB",
"id": "VHN-144044"
},
{
"db": "VULMON",
"id": "CVE-2019-12310"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-12310",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005125",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201906-020",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-144044",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-12310",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-144044"
},
{
"db": "VULMON",
"id": "CVE-2019-12310"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005125"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-020"
},
{
"db": "NVD",
"id": "CVE-2019-12310"
}
]
},
"id": "VAR-201906-0581",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-144044"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:55:31.930000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Resources",
"trust": 0.8,
"url": "https://exagrid.com/exagrid-products/resources/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005125"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-144044"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005125"
},
{
"db": "NVD",
"id": "CVE-2019-12310"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.inquisitllc.com/exagrid-directory-traversal-vulnerability-to-support-credential-extraction/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12310"
},
{
"trust": 1.2,
"url": "https://exagrid.com/exagrid-products/resources/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12310"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-144044"
},
{
"db": "VULMON",
"id": "CVE-2019-12310"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005125"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-020"
},
{
"db": "NVD",
"id": "CVE-2019-12310"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-144044"
},
{
"db": "VULMON",
"id": "CVE-2019-12310"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-005125"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-020"
},
{
"db": "NVD",
"id": "CVE-2019-12310"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-03T00:00:00",
"db": "VULHUB",
"id": "VHN-144044"
},
{
"date": "2019-06-03T00:00:00",
"db": "VULMON",
"id": "CVE-2019-12310"
},
{
"date": "2019-06-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005125"
},
{
"date": "2019-06-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-020"
},
{
"date": "2019-06-03T19:29:01.923000",
"db": "NVD",
"id": "CVE-2019-12310"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-06-04T00:00:00",
"db": "VULHUB",
"id": "VHN-144044"
},
{
"date": "2019-06-04T00:00:00",
"db": "VULMON",
"id": "CVE-2019-12310"
},
{
"date": "2019-06-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-005125"
},
{
"date": "2019-06-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-020"
},
{
"date": "2024-11-21T04:22:36.087000",
"db": "NVD",
"id": "CVE-2019-12310"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-020"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ExaGrid Path traversal vulnerability in appliance firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-005125"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-020"
}
],
"trust": 0.6
}
}