Filtered by vendor Digital Alert Systems
Subscribe
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-0137 | 2 Digital Alert Systems, Monroe Electronics | 2 Dasdec Eas, R189 One-net Eas | 2020-01-29 | 10.0 HIGH | N/A |
The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session. | |||||
CVE-2013-4735 | 2 Digital Alert Systems, Monroe Electronics | 2 Dasdec Eas, R189 One-net Eas | 2013-07-01 | 10.0 HIGH | N/A |
The Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 have a default password for an administrative account, which makes it easier for remote attackers to obtain access via an IP network. | |||||
CVE-2013-4734 | 2 Digital Alert Systems, Monroe Electronics | 2 Dasdec Eas, R189 One-net Eas | 2013-07-01 | 7.5 HIGH | N/A |
dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier for attackers to obtain non-administrative access via unspecified vectors. | |||||
CVE-2013-4732 | 2 Digital Alert Systems, Monroe Electronics | 2 Dasdec Eas, R189 One-net Eas | 2013-06-30 | 10.0 HIGH | N/A |
** DISPUTED ** The administrative web server on the Digital Alert Systems DASDEC EAS device through 2.0-2 and the Monroe Electronics R189 One-Net EAS device through 2.0-2 uses predictable session ID values, which makes it easier for remote attackers to hijack sessions by sniffing the network. NOTE: VU#662676 states "Monroe Electronics could not reproduce this finding." | |||||
CVE-2013-4733 | 2 Digital Alert Systems, Monroe Electronics | 2 Dasdec Eas, R189 One-net Eas | 2013-06-30 | 7.8 HIGH | N/A |
The web server on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 allows remote attackers to obtain sensitive configuration and status information by reading log files. |