Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Use of hardcoded certificate and private key
Vulnerability Description
Several versions of ALEOS, including ALEOS 4.16.0, use a hardcoded SSL certificate and private key. An attacker with access to these items could potentially perform a man in the middle attack between the ACEManager client and ACEManager server.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
使用硬编码的密码学密钥
Vulnerability Title
Sierra Wireless ALEOS 安全漏洞
Vulnerability Description
Sierra Wireless ALEOS(AAF)是加拿大Sierra Wireless公司的用于在Sierra Wireless AirLink网关中创建应用程序的框架。 Sierra Wireless ALEOS 4.16及之前版本存在安全漏洞,该漏洞源于使用硬编码SSL 证书和私钥,有权访问这些项目的攻击者可以执行中间人攻击。
CVSS Information
N/A
Vulnerability Type
N/A