Vulnerability Description
The Jura Internet Connection Kit for the Jura Impressa F90 coffee maker does not properly restrict access to privileged functions, which allows remote attackers to cause a denial of service (physical damage), modify coffee settings, and possibly execute code via a crafted request. NOTE: this issue is being included in CVE because the denial of service may include financial loss or water damage.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juracapecoffee | Internet Connectivity Kit | All versions |
| Juracapecoffee | Jura Impressa | f90 |
Related Weaknesses (CWE)
References
- http://attrition.org/pipermail/vim/2008-June/002002.html
- http://news.cnet.com/8301-10784_3-9970757-7.html
- http://osvdb.org/46407
- http://www.securityfocus.com/archive/1/493387/100/0/threaded
- http://www.securityfocus.com/archive/1/493433/100/0/threaded
- http://www.securityfocus.com/archive/1/493440/100/0/threaded
- http://www.securityfocus.com/bid/29767
- http://attrition.org/pipermail/vim/2008-June/002002.html
- http://news.cnet.com/8301-10784_3-9970757-7.html
- http://osvdb.org/46407
- http://www.securityfocus.com/archive/1/493387/100/0/threaded
- http://www.securityfocus.com/archive/1/493433/100/0/threaded
- http://www.securityfocus.com/archive/1/493440/100/0/threaded
- http://www.securityfocus.com/bid/29767
FAQ
What is CVE-2008-7173?
CVE-2008-7173 is a vulnerability with a CVSS score of 10.0 (HIGH). The Jura Internet Connection Kit for the Jura Impressa F90 coffee maker does not properly restrict access to privileged functions, which allows remote attackers to cause a denial of service (physical ...
How severe is CVE-2008-7173?
CVE-2008-7173 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-7173?
Check the references section above for vendor advisories and patch information. Affected products include: Juracapecoffee Internet Connectivity Kit, Juracapecoffee Jura Impressa.