Hard-coded credential authentication bypass vulnerability in multiple Datum Systems products

Hard-coded credential authentication bypass vulnerability in multiple Datum Systems products

Release date:
Updated on:

Affected Systems:
Datum Systems PSM-4500
Datum Systems PSM-500
Description:
--------------------------------------------------------------------------------
Bugtraq id: 68514
CVE (CAN) ID: CVE-2014-2951
 
Datum Systems PSM-4500 and PSM-500 are satellite modem series devices.
 
The Datum Systems PSM-4500 and the Datum Systems SnIP operating system on the PSM-500 has a hard-coded credential vulnerability, the system has an undisclosed admin user account and admin password, attackers can exploit this vulnerability to bypass authentication to obtain unauthorized access.
 
<* Source: Narendra Shinde

Link: http://www.kb.cert.org/vuls/id/917348
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
 
Datum Systems
-------------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
 

Http://www.datumsystems.com/products
Http://cwe.mitre.org/data/definitions/798.html
Http://cwe.mitre.org/data/definitions/220.html

This article permanently updates the link address: