Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2013-0137

CVE information

Published

9 years ago

Last Modified

2 years ago

CVSSv2.0 Severity

High

Impact Analysis

Description

The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session..

CVSSv2.0 Score

Severity
High
Base Score
10/10
Exploit Score
10/10
Access Vector
Network
Access Complexity
Low
Authentication Required
None
Impact Score
10/10
Confidentiality Impact
Complete
Availability Impact
Complete
Integrity Impact
Complete

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:h:monroe_electronics:r189_one-net_eas:*:*:*:*:*:*:*:
  Yes
- -
cpe:2.3:h:monroe_electronics:r189_one-net_eas:2.0-0:*:*:*:*:
  Yes
- -
cpe:2.3:h:digital_alert_systems:dasdec_eas:2.0-0:*:*:*:*:*:*
  Yes
- -
cpe:2.3:h:digital_alert_systems:dasdec_eas:*:*:*:*:*:*:*:*
  Yes
- -