Vulnerability in Digital_alert_systems Dasdec_eas

CVE-2013-0137

The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain ro…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.629 (98.4th percentile) — read the EPSS interpretation.

Affected products

Digital_alert_systems Dasdec_eas — versions 2.0-0
Monroe_electronics R189_one-net_eas — versions 2.0-0
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

References

cret@cert.org (x_refsource_CONFIRM, US Government Resource)
VU#662676 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)
cret@cert.org (x_refsource_CONFIRM)
cret@cert.org (x_refsource_CONFIRM, Vendor Advisory)
cret@cert.org (x_refsource_CONFIRM, Vendor Advisory)
cret@cert.org (x_refsource_MISC)