Back to search
CVE-2014-4875
Published: Jun 24, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and 6.7 before build 4329 contains a hardcoded AES key, which allows attackers to discover Back Office System Server (BOSS) DB2 database credentials by leveraging knowledge of this key in conjunction with bossinfo.pro read access.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
VU#301788
third-party-advisory
x_refsource_CERT-VN
http://www.kb.cert.org/vuls/id/JLAD-9X4SPN
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now