Vulnerability Description
Grand MA 300 allows retrieval of the access PIN from sniffed data.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Granding | Grand Ma300 Firmware | 6.60 |
| Granding | Grand Ma300 | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/128003/Grand-MA-300-Fingerprint-Reader-WeakExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2014/Aug/70ExploitMailing ListThird Party Advisory
- http://www.securityfocus.com/bid/69390Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95484Third Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/128003/Grand-MA-300-Fingerprint-Reader-WeakExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2014/Aug/70ExploitMailing ListThird Party Advisory
- http://www.securityfocus.com/bid/69390Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95484Third Party AdvisoryVDB Entry
FAQ
What is CVE-2014-5380?
CVE-2014-5380 is a vulnerability with a CVSS score of 7.5 (HIGH). Grand MA 300 allows retrieval of the access PIN from sniffed data.
How severe is CVE-2014-5380?
CVE-2014-5380 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-5380?
Check the references section above for vendor advisories and patch information. Affected products include: Granding Grand Ma300 Firmware, Granding Grand Ma300.