Vulnerability Description
dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier for attackers to obtain non-administrative access via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Digital Alert Systems | Dasdec Eas | <= 2.0-1 |
| Monroe Electronics | R189 One-Net Eas | <= 2.0-1 |
References
- http://www.digitalalertsystems.com/pdf/130604-Monroe-Security-PR.pdfVendor Advisory
- http://www.kb.cert.org/vuls/id/662676US Government Resource
- http://www.kb.cert.org/vuls/id/AAMN-98MU7HUS Government Resource
- http://www.kb.cert.org/vuls/id/AAMN-98MUK2US Government Resource
- http://www.monroe-electronics.com/MONROE_ELECTRONICS_PDF/130604-Monroe-Security-Vendor Advisory
- http://www.digitalalertsystems.com/pdf/130604-Monroe-Security-PR.pdfVendor Advisory
- http://www.kb.cert.org/vuls/id/662676US Government Resource
- http://www.kb.cert.org/vuls/id/AAMN-98MU7HUS Government Resource
- http://www.kb.cert.org/vuls/id/AAMN-98MUK2US Government Resource
- http://www.monroe-electronics.com/MONROE_ELECTRONICS_PDF/130604-Monroe-Security-Vendor Advisory
FAQ
What is CVE-2013-4734?
CVE-2013-4734 is a vulnerability with a CVSS score of 7.5 (HIGH). dasdec_mkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier fo...
How severe is CVE-2013-4734?
CVE-2013-4734 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4734?
Check the references section above for vendor advisories and patch information. Affected products include: Digital Alert Systems Dasdec Eas, Monroe Electronics R189 One-Net Eas.