{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-14T21:02:07.526","vulnerabilities":[{"cve":{"id":"CVE-2018-4062","sourceIdentifier":"talos-cna@cisco.com","published":"2019-05-06T19:29:00.577","lastModified":"2024-11-21T04:06:40.247","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. Activating snmpd outside of the WebUI can cause the activation of the hard-coded credentials, resulting in the exposure of a privileged user. An attacker can activate snmpd without any configuration changes to trigger this vulnerability."},{"lang":"es","value":"Existe una vulnerabilidad de credenciales embebidas en la función snmpd del Sierra Wireless AirLink ES450 FW 4.9.3. La activación de snmpd fuera de la interfaz WebUI puede causar la activación de las credenciales embebidas, que dará como resultado la exposición de un usuario privilegiado. Un atacante puede activar snmpd sin ningún cambio de configuración para desencadenar esta vulnerabilidad."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N\/AC:M\/Au:N\/C:C\/I:C\/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sierrawireless:airlink_es450_firmware:4.9.3:*:*:*:*:*:*:*","matchCriteriaId":"1B67419F-92AF-48DF-873D-F9E0190BFFD0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sierrawireless:airlink_es450:-:*:*:*:*:*:*:*","matchCriteriaId":"3E042BE5-9B2E-42B9-B455-FDB35251B0A6"}]}]}],"references":[{"url":"http:\/\/packetstormsecurity.com\/files\/152647\/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http:\/\/www.securityfocus.com\/bid\/108147","source":"talos-cna@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https:\/\/ics-cert.us-cert.gov\/advisories\/ICSA-19-122-03","source":"talos-cna@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2018-0747","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"http:\/\/packetstormsecurity.com\/files\/152647\/Sierra-Wireless-AirLink-ES450-SNMPD-Hard-Coded-Credentials.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http:\/\/www.securityfocus.com\/bid\/108147","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https:\/\/ics-cert.us-cert.gov\/advisories\/ICSA-19-122-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2018-0747","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}