CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-2966

The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and earlier uses the LOGIN_USER_NAME and LOGIN_USER_PASSWORD (aka LOGIN_PASSWORD) parameters to create hardcoded credentials, which makes it easier for remote attackers to obtain access via a (1) telnet, (2) rlogin, or (3) FTP session.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.0%

CVSS Severity

CVSS v2 Score 7.8

References

Products affected by CVE-2010-2966

Windriver » Vxworks » Version: 5

cpe:2.3:o:windriver:vxworks:5
Windriver » Vxworks » Version: 5.5

cpe:2.3:o:windriver:vxworks:5.5
Windriver » Vxworks » Version: 5.5.1

cpe:2.3:o:windriver:vxworks:5.5.1
Windriver » Vxworks » Version: 6

cpe:2.3:o:windriver:vxworks:6
Windriver » Vxworks » Version: 6.4

cpe:2.3:o:windriver:vxworks:6.4
Windriver » Vxworks » Version: 6.5

cpe:2.3:o:windriver:vxworks:6.5
Windriver » Vxworks » Version: 6.6

cpe:2.3:o:windriver:vxworks:6.6
Windriver » Vxworks » Version: 6.6.3

cpe:2.3:o:windriver:vxworks:6.6.3
Windriver » Vxworks » Version: 6.6.4

cpe:2.3:o:windriver:vxworks:6.6.4
Windriver » Vxworks » Version: 6.6.4.1

cpe:2.3:o:windriver:vxworks:6.6.4.1
Windriver » Vxworks » Version: 6.7

cpe:2.3:o:windriver:vxworks:6.7
Windriver » Vxworks » Version: 6.8

cpe:2.3:o:windriver:vxworks:6.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-2966

Products

Pricing

Contact Us