CVE-2018-6011

HIGH Year: 2018
CVSS v3 Score
8.1
High
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-287
View all →

Vulnerability Description

The time-based one-time-password (TOTP) function in the application logic of the Green Electronics RainMachine Mini-8 (2nd generation) uses the administrator's password hash to generate a 6-digit temporary passcode that can be used for remote and local access, aka a "Use of Password Hash Instead of Password for Authentication" issue. This is exploitable by an attacker who discovers a hash value in the rainmachine-settings.sqlite file.

Related Vulnerabilities

CVE-2014-0927

HIGH
CVSS:8.1(High)

The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to bypass authentication by leveraging knowledge of the port ...

CWE-2872014

CVE-2014-3999

HIGH
CVSS:8.1(High)

The Horde_Ldap library before 2.0.6 for Horde allows remote attackers to bypass authentication by leveraging knowledge of the LDAP bind user DN.

CWE-2872014

CVE-2015-0102

HIGH
CVSS:8.1(High)

IBM Workflow for Bluemix does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission wit...

CWE-2872015

CVE-2015-3206

HIGH
CVSS:8.1(High)

The checkPassword function in python-kerberos does not authenticate the KDC it attempts to communicate with, which allows remote attackers to cause a denial of service (bad response), or have other un...

CWE-2872015

CVE-2015-6817

HIGH
CVSS:8.1(High)

PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username.

CWE-2872015

CVE-2015-7882

HIGH
CVSS:8.1(High)

Improper handling of LDAP authentication in MongoDB Server versions 3.0.0 to 3.0.6 allows an unauthenticated client to gain unauthorized access.

CWE-2872015