Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7173

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-7173
Last Modified 09 Sep 2009 12:00:00
Published 08 Sep 2009 06:30:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-7173

Summary

The Jura Internet Connection Kit for the Jura Impressa F90 coffee maker does not properly restrict access to privileged functions, which allows remote attackers to cause a denial of service (physical damage), modify coffee settings, and possibly execute code via a crafted request. NOTE: this issue is being included in CVE because the denial of service may include financial loss or water damage.

Vulnerable Systems

Application

  • Juracapecoffee Internet Connectivity Kit


References

BID - 29767

BUGTRAQ - 20080618 RE: A more detailed description of the Jura F90 vulnerability.

BUGTRAQ - 20080618 A more detailed description of the Jura F90 vulnerability.

BUGTRAQ - 20080617 Hacking Coffee Makers.

OSVDB - 46407

MISC - http://news.cnet.com/8301-10784_3-9970757-7.html

VIM - 20080618 coffee maker hacks - yes or no?


Last Updated: 27 May 2016 10:49:30