From e0164e102ec47029f4be3c58e1c852c42f117bcf Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 7 Jan 2018 15:03:08 -0500 Subject: [PATCH] - Synchronized data. --- 2014/10xxx/CVE-2014-10069.json | 66 ++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100644 2014/10xxx/CVE-2014-10069.json diff --git a/2014/10xxx/CVE-2014-10069.json b/2014/10xxx/CVE-2014-10069.json new file mode 100644 index 00000000000..9e48703b9db --- /dev/null +++ b/2014/10xxx/CVE-2014-10069.json @@ -0,0 +1,66 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2014-10069", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared across different customers' installations, which makes it easier for attackers to obtain sensitive information by decrypting a backup configuration file, as demonstrated by a password hash in the um_auth_account_password field." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://blogger.davidmanouchehri.com/2018/01/hitrons-encryption.html" + }, + { + "url" : "https://github.com/Manouchehri/hitron-cfg-decrypter" + }, + { + "url" : "https://github.com/habohitron/habohitron/blob/6add0d002fe553f0924a3bba197994c53ca7d52d/firmwares/3.1.1.21/analyse/hc.c#L17" + } + ] + } +}