Vulnerability in Windriver Vxworks

CVE-2010-2967

The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly support a large set of distinct possible passwords, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.020 (83.9th percentile) — read the EPSS interpretation.

Affected products

Windriver Vxworks — versions 6, 6.4, 5.5
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

References

cve@mitre.org (x_refsource_CONFIRM)
VU#840249 (US Government Resource, x_refsource_CERT-VN, third-party-advisory)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_MISC)