Moab
CVE-2014-5300
MEDIUM
Severity by source
AV:N/AC:L/Au:N/C:N/I:P/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:L/Au:N/C:N/I:P/A:N
Lifecycle Timeline
1DescriptionCVE.org
Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 allows remote attackers to bypass the signature check, impersonate arbitrary users, and execute commands via a message without a signature.
AnalysisAI
Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 allows remote attackers to bypass the signature check, impersonate arbitrary users, and execute commands via a message without a signature. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 15.3%.
Technical ContextAI
This vulnerability is classified as Improper Authentication (CWE-287), which allows attackers to bypass authentication mechanisms to gain unauthorized access. Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 allows remote attackers to bypass the signature check, impersonate arbitrary users, and execute commands via a message without a signature. Affected products include: Adaptivecomputing Moab. Version information: before 7.2.9.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement multi-factor authentication, enforce strong password policies, use proven authentication frameworks.
Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0, when a pre-generated key is used, does not validate that the re
The server in Adaptive Computing Moab before 7.2.9 and 8 before 8.0.0 does not properly validate the message owner match
Same weakness CWE-287 – Improper Authentication
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today