ByteOS Network

NVD Vulnerability Details :

CVE-2012-4577

Deferred

Source-cve@mitre.org

Published At-21 Aug, 2012 | 18:55

Updated At-11 Apr, 2025 | 00:51

The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C

CPE Matches

korenix>>jetport>>5601

cpe:2.3:h:korenix:jetport:5601:*:*:*:*:*:*:*

korenix>>jetport>>5601f

cpe:2.3:h:korenix:jetport:5601f:*:*:*:*:*:*:*

korenix>>jetport>>5604

cpe:2.3:h:korenix:jetport:5604:*:*:*:*:*:*:*

korenix>>jetport>>5604i

cpe:2.3:h:korenix:jetport:5604i:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-255	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02	cve@mitre.org	N/A
http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02	cve@mitre.org	N/A
http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity	cve@mitre.org	N/A
http://www.securityfocus.com/bid/55196	cve@mitre.org	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/77992	cve@mitre.org	N/A
http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02	af854a3a-2127-422b-91ae-364da2661108	N/A
http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/bid/55196	af854a3a-2127-422b-91ae-364da2661108	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/77992	af854a3a-2127-422b-91ae-364da2661108	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History