CVE-2014-4876 Information

Description

Toshiba 4690 Operating System 6 Release 3 when the ADXSITCF logical name is not properly restricted allows remote attackers to read potentially sensitive system environment variables via a crafted request to TCP port 54138.

CVSS Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Reference

https://www.kb.cert.org/vuls/id/924506 https://www.kb.cert.org/vuls/id/JLAD-9X4TDL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

NONE

Base Score

NONE

Base Severity

3.7