Find a vulnerability
Search criteria
9 vulnerabilities by gigastone
VAR-201909-0869
Vulnerability from variot - Updated: 2024-11-23 22:33A broken access control vulnerability in Smart Battery A4, a multifunctional portable charger, firmware version ?<= r1.7.9 allows an attacker to get/reset administrator’s password without any authentication. Smart Battery A4 Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Smart Battery A4 is a portable power supply device. An attacker could exploit this vulnerability to obtain/reset the administrator password without authentication
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201909-0869",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "smart battery a4",
"scope": "lte",
"trust": 1.0,
"vendor": "gigastone",
"version": "r1.7.9"
},
{
"model": "smart battery a4",
"scope": null,
"trust": 0.8,
"vendor": "gigastone",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009696"
},
{
"db": "NVD",
"id": "CVE-2019-15068"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:gigastone:smart_battery_a4_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009696"
}
]
},
"cve": "CVE-2019-15068",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-15068",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-147077",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-15068",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-15068",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-15068",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-15068",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-1179",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-147077",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-147077"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009696"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1179"
},
{
"db": "NVD",
"id": "CVE-2019-15068"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A broken access control vulnerability in Smart Battery A4, a multifunctional portable charger, firmware version ?\u003c= r1.7.9 allows an attacker to get/reset administrator\u2019s password without any authentication. Smart Battery A4 Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Smart Battery A4 is a portable power supply device. An attacker could exploit this vulnerability to obtain/reset the administrator password without authentication",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-15068"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009696"
},
{
"db": "VULHUB",
"id": "VHN-147077"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-15068",
"trust": 2.5
},
{
"db": "TWCERT",
"id": "TVN-201908003",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009696",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1179",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-147077",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-147077"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009696"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1179"
},
{
"db": "NVD",
"id": "CVE-2019-15068"
}
]
},
"id": "VAR-201909-0869",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-147077"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:33:45.589000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Smart Battery A4",
"trust": 0.8,
"url": "https://www.gigastone.com/EN/product/c/2/n/15"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009696"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-306",
"trust": 1.1
},
{
"problemtype": "CWE-284",
"trust": 1.0
},
{
"problemtype": "CWE-287",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-147077"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009696"
},
{
"db": "NVD",
"id": "CVE-2019-15068"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.twcert.org.tw/subpages/servethepublic/public_document_details.aspx?lang=en-us\u0026id=45"
},
{
"trust": 1.7,
"url": "https://tvn.twcert.org.tw/taiwanvn/tvn-201908003"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15068"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15068"
},
{
"trust": 0.1,
"url": "https://www.twcert.org.tw/subpages/servethepublic/public_document_details.aspx?lang=en-us\u0026amp;id=45"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-147077"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009696"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1179"
},
{
"db": "NVD",
"id": "CVE-2019-15068"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-147077"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009696"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1179"
},
{
"db": "NVD",
"id": "CVE-2019-15068"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-25T00:00:00",
"db": "VULHUB",
"id": "VHN-147077"
},
{
"date": "2019-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009696"
},
{
"date": "2019-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-1179"
},
{
"date": "2019-09-25T19:15:10.563000",
"db": "NVD",
"id": "CVE-2019-15068"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-147077"
},
{
"date": "2019-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009696"
},
{
"date": "2020-10-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-1179"
},
{
"date": "2024-11-21T04:27:59.363000",
"db": "NVD",
"id": "CVE-2019-15068"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-1179"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Smart Battery A4 Authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009696"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-1179"
}
],
"trust": 0.6
}
}
VAR-201909-0870
Vulnerability from variot - Updated: 2024-11-23 22:16An unsafe authentication interface was discovered in Smart Battery A4, a multifunctional portable charger, firmware version ?<= r1.7.9 . An attacker can bypass authentication without modifying device file and gain web page management privilege. Smart Battery A4 Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201909-0870",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "smart battery a4",
"scope": "lte",
"trust": 1.0,
"vendor": "gigastone",
"version": "r1.7.9"
},
{
"model": "smart battery a4",
"scope": null,
"trust": 0.8,
"vendor": "gigastone",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009697"
},
{
"db": "NVD",
"id": "CVE-2019-15069"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:gigastone:smart_battery_a4_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009697"
}
]
},
"cve": "CVE-2019-15069",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-15069",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-147078",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-15069",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-15069",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-15069",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-15069",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-1178",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-147078",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-147078"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009697"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1178"
},
{
"db": "NVD",
"id": "CVE-2019-15069"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An unsafe authentication interface was discovered in Smart Battery A4, a multifunctional portable charger, firmware version ?\u003c= r1.7.9 . An attacker can bypass authentication without modifying device file and gain web page management privilege. Smart Battery A4 Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-15069"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009697"
},
{
"db": "VULHUB",
"id": "VHN-147078"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-15069",
"trust": 2.5
},
{
"db": "TWCERT",
"id": "TVN-201908004",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009697",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1178",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-147078",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-147078"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009697"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1178"
},
{
"db": "NVD",
"id": "CVE-2019-15069"
}
]
},
"id": "VAR-201909-0870",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-147078"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:16:49.842000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Smart Battery A4",
"trust": 0.8,
"url": "https://www.gigastone.com/EN/product/c/2/n/15"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009697"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-287",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-147078"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009697"
},
{
"db": "NVD",
"id": "CVE-2019-15069"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.twcert.org.tw/subpages/servethepublic/public_document_details.aspx?lang=en-us\u0026id=46"
},
{
"trust": 1.7,
"url": "https://tvn.twcert.org.tw/taiwanvn/tvn-201908004"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15069"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15069"
},
{
"trust": 0.1,
"url": "https://www.twcert.org.tw/subpages/servethepublic/public_document_details.aspx?lang=en-us\u0026amp;id=46"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-147078"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009697"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1178"
},
{
"db": "NVD",
"id": "CVE-2019-15069"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-147078"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009697"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1178"
},
{
"db": "NVD",
"id": "CVE-2019-15069"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-25T00:00:00",
"db": "VULHUB",
"id": "VHN-147078"
},
{
"date": "2019-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009697"
},
{
"date": "2019-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-1178"
},
{
"date": "2019-09-25T19:15:10.627000",
"db": "NVD",
"id": "CVE-2019-15069"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-147078"
},
{
"date": "2019-09-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009697"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-1178"
},
{
"date": "2024-11-21T04:27:59.487000",
"db": "NVD",
"id": "CVE-2019-15069"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-1178"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Smart Battery A4 Authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009697"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-1178"
}
],
"trust": 0.6
}
}
VAR-201909-0868
Vulnerability from variot - Updated: 2024-11-23 21:59An authentication bypass vulnerability discovered in Smart Battery A2-25DE, a multifunctional portable charger, firmware version ?<= SECFS-2013-10-16-13:42:58-629c30ee-60c68be6. An attacker can bypass authentication and gain privilege by modifying the login page. Smart Battery A2-25DE Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201909-0868",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "smart battery a2-25de",
"scope": "lte",
"trust": 1.0,
"vendor": "gigastone",
"version": "2013-10-16"
},
{
"model": "smart battery a2-25de",
"scope": null,
"trust": 0.8,
"vendor": "gigastone",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009985"
},
{
"db": "NVD",
"id": "CVE-2019-15067"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:gigastone:smart_battery_a2-25de_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009985"
}
]
},
"cve": "CVE-2019-15067",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-15067",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-147076",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-15067",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-15067",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-15067",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-15067",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-1177",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-147076",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-147076"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009985"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1177"
},
{
"db": "NVD",
"id": "CVE-2019-15067"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An authentication bypass vulnerability discovered in Smart Battery A2-25DE, a multifunctional portable charger, firmware version ?\u003c= SECFS-2013-10-16-13:42:58-629c30ee-60c68be6. An attacker can bypass authentication and gain privilege by modifying the login page. Smart Battery A2-25DE Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-15067"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009985"
},
{
"db": "VULHUB",
"id": "VHN-147076"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-15067",
"trust": 2.5
},
{
"db": "TWCERT",
"id": "TVN-201908002",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009985",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1177",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-147076",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-147076"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009985"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1177"
},
{
"db": "NVD",
"id": "CVE-2019-15067"
}
]
},
"id": "VAR-201909-0868",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-147076"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:59:41.344000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Smart Battery A2-25DE",
"trust": 0.8,
"url": "https://www.gigastone.com/EN/product/c/2/n2/29"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009985"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-287",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-147076"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009985"
},
{
"db": "NVD",
"id": "CVE-2019-15067"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.twcert.org.tw/subpages/servethepublic/public_document_details.aspx?lang=en-us\u0026id=44"
},
{
"trust": 1.7,
"url": "https://tvn.twcert.org.tw/taiwanvn/tvn-201908002"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15067"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15067"
},
{
"trust": 0.1,
"url": "https://www.twcert.org.tw/subpages/servethepublic/public_document_details.aspx?lang=en-us\u0026amp;id=44"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-147076"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009985"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1177"
},
{
"db": "NVD",
"id": "CVE-2019-15067"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-147076"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009985"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1177"
},
{
"db": "NVD",
"id": "CVE-2019-15067"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-25T00:00:00",
"db": "VULHUB",
"id": "VHN-147076"
},
{
"date": "2019-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009985"
},
{
"date": "2019-09-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-1177"
},
{
"date": "2019-09-25T19:15:10.487000",
"db": "NVD",
"id": "CVE-2019-15067"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-08-24T00:00:00",
"db": "VULHUB",
"id": "VHN-147076"
},
{
"date": "2019-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009985"
},
{
"date": "2020-08-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-1177"
},
{
"date": "2024-11-21T04:27:59.230000",
"db": "NVD",
"id": "CVE-2019-15067"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-1177"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Smart Battery A2-25DE Authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009985"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-1177"
}
],
"trust": 0.6
}
}
CVE-2019-15069 (GCVE-0-2019-15069)
Vulnerability from nvd – Published: 2019-09-25 18:10 – Updated: 2024-09-17 02:32- unsafe authentication interface
| URL | Tags |
|---|---|
| https://tvn.twcert.org.tw/taiwanvn/TVN-201908004 | x_refsource_CONFIRM |
| https://www.twcert.org.tw/subpages/ServeThePublic… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Gigastone | Smart Battery A4 |
Unknown:
Firmware , ≤ r1.7.9
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:34:53.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908004"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=46"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Battery A4",
"vendor": "Gigastone",
"versions": [
{
"lessThanOrEqual": "r1.7.9",
"status": "unknown",
"version": "Firmware",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Leon Chen, Y.D. Chen, Laura Tzou, Mars Cheng"
}
],
"datePublic": "2019-09-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An unsafe authentication interface was discovered in Smart Battery A4, a multifunctional portable charger, firmware version ?\u003c= r1.7.9 . An attacker can bypass authentication without modifying device file and gain web page management privilege."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "unsafe authentication interface",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-25T18:10:15.000Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908004"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=46"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "An unsafe authentication interface was discovered in Smart Battery A4",
"x_generator": {
"engine": "Vulnogram 0.0.8"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@cert.org.tw",
"DATE_PUBLIC": "2019-09-24T16:00:00.000Z",
"ID": "CVE-2019-15069",
"STATE": "PUBLIC",
"TITLE": "An unsafe authentication interface was discovered in Smart Battery A4"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Smart Battery A4",
"version": {
"version_data": [
{
"version_affected": "?\u003c=",
"version_name": "Firmware",
"version_value": "r1.7.9"
}
]
}
}
]
},
"vendor_name": "Gigastone"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Leon Chen, Y.D. Chen, Laura Tzou, Mars Cheng"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unsafe authentication interface was discovered in Smart Battery A4, a multifunctional portable charger, firmware version ?\u003c= r1.7.9 . An attacker can bypass authentication without modifying device file and gain web page management privilege."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.8"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unsafe authentication interface"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908004",
"refsource": "CONFIRM",
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908004"
},
{
"name": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=46",
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=46"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2019-15069",
"datePublished": "2019-09-25T18:10:15.721Z",
"dateReserved": "2019-08-15T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:32:36.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-15068 (GCVE-0-2019-15068)
Vulnerability from nvd – Published: 2019-09-25 18:10 – Updated: 2024-09-16 21:02- CWE-284 - Improper Access Control
| URL | Tags |
|---|---|
| https://tvn.twcert.org.tw/taiwanvn/TVN-201908003 | x_refsource_CONFIRM |
| https://www.twcert.org.tw/subpages/ServeThePublic… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Gigastone | Smart Battery A4 |
Unknown:
Firmware , ≤ r1.7.9
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:34:53.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908003"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=45"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Battery A4",
"vendor": "Gigastone",
"versions": [
{
"lessThanOrEqual": "r1.7.9",
"status": "unknown",
"version": "Firmware",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Leon Chen, Y.D. Chen, Laura Tzou, Mars Cheng"
}
],
"datePublic": "2019-09-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A broken access control vulnerability in Smart Battery A4, a multifunctional portable charger, firmware version ?\u003c= r1.7.9 allows an attacker to get/reset administrator\u2019s password without any authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-25T18:10:15.000Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908003"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=45"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "A broken access control vulnerability discovered in Smart Battery A4",
"x_generator": {
"engine": "Vulnogram 0.0.8"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@cert.org.tw",
"DATE_PUBLIC": "2019-09-24T16:00:00.000Z",
"ID": "CVE-2019-15068",
"STATE": "PUBLIC",
"TITLE": "A broken access control vulnerability discovered in Smart Battery A4"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Smart Battery A4",
"version": {
"version_data": [
{
"version_affected": "?\u003c=",
"version_name": "Firmware",
"version_value": "r1.7.9"
}
]
}
}
]
},
"vendor_name": "Gigastone"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Leon Chen, Y.D. Chen, Laura Tzou, Mars Cheng"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A broken access control vulnerability in Smart Battery A4, a multifunctional portable charger, firmware version ?\u003c= r1.7.9 allows an attacker to get/reset administrator\u2019s password without any authentication."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.8"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908003",
"refsource": "CONFIRM",
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908003"
},
{
"name": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=45",
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=45"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2019-15068",
"datePublished": "2019-09-25T18:10:15.674Z",
"dateReserved": "2019-08-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T21:02:47.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-15067 (GCVE-0-2019-15067)
Vulnerability from nvd – Published: 2019-09-25 18:10 – Updated: 2024-09-16 17:48- Authentication bypass
| URL | Tags |
|---|---|
| https://tvn.twcert.org.tw/taiwanvn/TVN-201908002 | x_refsource_CONFIRM |
| https://www.twcert.org.tw/subpages/ServeThePublic… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Gigastone | Smart Battery A2-25DE |
Unknown:
Firmware , ≤ SECFS-2013-10-16-13:42:58-629c30ee-60c68be6
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:34:53.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908002"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=44"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Battery A2-25DE",
"vendor": "Gigastone",
"versions": [
{
"lessThanOrEqual": "SECFS-2013-10-16-13:42:58-629c30ee-60c68be6",
"status": "unknown",
"version": "Firmware",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Leon Chen, Y.D. Chen, Laura Tzou, Mars Cheng, Julian Chen"
}
],
"datePublic": "2019-09-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability discovered in Smart Battery A2-25DE, a multifunctional portable charger, firmware version ?\u003c= SECFS-2013-10-16-13:42:58-629c30ee-60c68be6. An attacker can bypass authentication and gain privilege by modifying the login page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-25T18:10:15.000Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908002"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=44"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "An authentication bypass vulnerability discovered in Smart Battery A2-25DE",
"x_generator": {
"engine": "Vulnogram 0.0.8"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@cert.org.tw",
"DATE_PUBLIC": "2019-09-24T16:00:00.000Z",
"ID": "CVE-2019-15067",
"STATE": "PUBLIC",
"TITLE": "An authentication bypass vulnerability discovered in Smart Battery A2-25DE"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Smart Battery A2-25DE",
"version": {
"version_data": [
{
"version_affected": "?\u003c=",
"version_name": "Firmware",
"version_value": "SECFS-2013-10-16-13:42:58-629c30ee-60c68be6"
}
]
}
}
]
},
"vendor_name": "Gigastone"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Leon Chen, Y.D. Chen, Laura Tzou, Mars Cheng, Julian Chen"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An authentication bypass vulnerability discovered in Smart Battery A2-25DE, a multifunctional portable charger, firmware version ?\u003c= SECFS-2013-10-16-13:42:58-629c30ee-60c68be6. An attacker can bypass authentication and gain privilege by modifying the login page."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.8"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908002",
"refsource": "CONFIRM",
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908002"
},
{
"name": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=44",
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=44"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2019-15067",
"datePublished": "2019-09-25T18:10:15.597Z",
"dateReserved": "2019-08-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:48:11.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-15069 (GCVE-0-2019-15069)
Vulnerability from cvelistv5 – Published: 2019-09-25 18:10 – Updated: 2024-09-17 02:32- unsafe authentication interface
| URL | Tags |
|---|---|
| https://tvn.twcert.org.tw/taiwanvn/TVN-201908004 | x_refsource_CONFIRM |
| https://www.twcert.org.tw/subpages/ServeThePublic… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Gigastone | Smart Battery A4 |
Unknown:
Firmware , ≤ r1.7.9
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:34:53.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908004"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=46"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Battery A4",
"vendor": "Gigastone",
"versions": [
{
"lessThanOrEqual": "r1.7.9",
"status": "unknown",
"version": "Firmware",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Leon Chen, Y.D. Chen, Laura Tzou, Mars Cheng"
}
],
"datePublic": "2019-09-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An unsafe authentication interface was discovered in Smart Battery A4, a multifunctional portable charger, firmware version ?\u003c= r1.7.9 . An attacker can bypass authentication without modifying device file and gain web page management privilege."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "unsafe authentication interface",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-25T18:10:15.000Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908004"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=46"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "An unsafe authentication interface was discovered in Smart Battery A4",
"x_generator": {
"engine": "Vulnogram 0.0.8"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@cert.org.tw",
"DATE_PUBLIC": "2019-09-24T16:00:00.000Z",
"ID": "CVE-2019-15069",
"STATE": "PUBLIC",
"TITLE": "An unsafe authentication interface was discovered in Smart Battery A4"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Smart Battery A4",
"version": {
"version_data": [
{
"version_affected": "?\u003c=",
"version_name": "Firmware",
"version_value": "r1.7.9"
}
]
}
}
]
},
"vendor_name": "Gigastone"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Leon Chen, Y.D. Chen, Laura Tzou, Mars Cheng"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unsafe authentication interface was discovered in Smart Battery A4, a multifunctional portable charger, firmware version ?\u003c= r1.7.9 . An attacker can bypass authentication without modifying device file and gain web page management privilege."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.8"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unsafe authentication interface"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908004",
"refsource": "CONFIRM",
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908004"
},
{
"name": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=46",
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=46"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2019-15069",
"datePublished": "2019-09-25T18:10:15.721Z",
"dateReserved": "2019-08-15T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:32:36.703Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-15068 (GCVE-0-2019-15068)
Vulnerability from cvelistv5 – Published: 2019-09-25 18:10 – Updated: 2024-09-16 21:02- CWE-284 - Improper Access Control
| URL | Tags |
|---|---|
| https://tvn.twcert.org.tw/taiwanvn/TVN-201908003 | x_refsource_CONFIRM |
| https://www.twcert.org.tw/subpages/ServeThePublic… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Gigastone | Smart Battery A4 |
Unknown:
Firmware , ≤ r1.7.9
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:34:53.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908003"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=45"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Battery A4",
"vendor": "Gigastone",
"versions": [
{
"lessThanOrEqual": "r1.7.9",
"status": "unknown",
"version": "Firmware",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Leon Chen, Y.D. Chen, Laura Tzou, Mars Cheng"
}
],
"datePublic": "2019-09-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A broken access control vulnerability in Smart Battery A4, a multifunctional portable charger, firmware version ?\u003c= r1.7.9 allows an attacker to get/reset administrator\u2019s password without any authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-25T18:10:15.000Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908003"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=45"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "A broken access control vulnerability discovered in Smart Battery A4",
"x_generator": {
"engine": "Vulnogram 0.0.8"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@cert.org.tw",
"DATE_PUBLIC": "2019-09-24T16:00:00.000Z",
"ID": "CVE-2019-15068",
"STATE": "PUBLIC",
"TITLE": "A broken access control vulnerability discovered in Smart Battery A4"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Smart Battery A4",
"version": {
"version_data": [
{
"version_affected": "?\u003c=",
"version_name": "Firmware",
"version_value": "r1.7.9"
}
]
}
}
]
},
"vendor_name": "Gigastone"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Leon Chen, Y.D. Chen, Laura Tzou, Mars Cheng"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A broken access control vulnerability in Smart Battery A4, a multifunctional portable charger, firmware version ?\u003c= r1.7.9 allows an attacker to get/reset administrator\u2019s password without any authentication."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.8"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908003",
"refsource": "CONFIRM",
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908003"
},
{
"name": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=45",
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=45"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2019-15068",
"datePublished": "2019-09-25T18:10:15.674Z",
"dateReserved": "2019-08-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T21:02:47.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-15067 (GCVE-0-2019-15067)
Vulnerability from cvelistv5 – Published: 2019-09-25 18:10 – Updated: 2024-09-16 17:48- Authentication bypass
| URL | Tags |
|---|---|
| https://tvn.twcert.org.tw/taiwanvn/TVN-201908002 | x_refsource_CONFIRM |
| https://www.twcert.org.tw/subpages/ServeThePublic… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Gigastone | Smart Battery A2-25DE |
Unknown:
Firmware , ≤ SECFS-2013-10-16-13:42:58-629c30ee-60c68be6
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:34:53.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908002"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=44"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Battery A2-25DE",
"vendor": "Gigastone",
"versions": [
{
"lessThanOrEqual": "SECFS-2013-10-16-13:42:58-629c30ee-60c68be6",
"status": "unknown",
"version": "Firmware",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Leon Chen, Y.D. Chen, Laura Tzou, Mars Cheng, Julian Chen"
}
],
"datePublic": "2019-09-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability discovered in Smart Battery A2-25DE, a multifunctional portable charger, firmware version ?\u003c= SECFS-2013-10-16-13:42:58-629c30ee-60c68be6. An attacker can bypass authentication and gain privilege by modifying the login page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-25T18:10:15.000Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908002"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=44"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "An authentication bypass vulnerability discovered in Smart Battery A2-25DE",
"x_generator": {
"engine": "Vulnogram 0.0.8"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@cert.org.tw",
"DATE_PUBLIC": "2019-09-24T16:00:00.000Z",
"ID": "CVE-2019-15067",
"STATE": "PUBLIC",
"TITLE": "An authentication bypass vulnerability discovered in Smart Battery A2-25DE"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Smart Battery A2-25DE",
"version": {
"version_data": [
{
"version_affected": "?\u003c=",
"version_name": "Firmware",
"version_value": "SECFS-2013-10-16-13:42:58-629c30ee-60c68be6"
}
]
}
}
]
},
"vendor_name": "Gigastone"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Leon Chen, Y.D. Chen, Laura Tzou, Mars Cheng, Julian Chen"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An authentication bypass vulnerability discovered in Smart Battery A2-25DE, a multifunctional portable charger, firmware version ?\u003c= SECFS-2013-10-16-13:42:58-629c30ee-60c68be6. An attacker can bypass authentication and gain privilege by modifying the login page."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.8"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908002",
"refsource": "CONFIRM",
"url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201908002"
},
{
"name": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=44",
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/subpages/ServeThePublic/public_document_details.aspx?lang=en-US\u0026id=44"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2019-15067",
"datePublished": "2019-09-25T18:10:15.597Z",
"dateReserved": "2019-08-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:48:11.809Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}