exploitDog

CVE-2012-2974

Опубликовано: 19 июл. 2012

Источник: nvd

CVSS2: 10

EPSS Низкий

Описание

The web interface on the SMC SMC8024L2 switch allows remote attackers to bypass authentication and obtain administrative access via a direct request to a .html file under (1) status/, (2) system/, (3) ports/, (4) trunks/, (5) vlans/, (6) qos/, (7) rstp/, (8) dot1x/, (9) security/, (10) igmps/, or (11) snmp/.

Ссылки

http://www.kb.cert.org/vuls/id/377915
US Government Resource
http://www.securitytracker.com/id?1027285
http://www.kb.cert.org/vuls/id/377915
US Government Resource
http://www.securitytracker.com/id?1027285

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:smc:smc8024l2_switch:*:*:*:*:*:*:*:*

EPSS

Процентиль: 62%

0.00429

Низкий

10 Critical

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-44hm-px5x-jx2q

github

больше 3 лет назад

The web interface on the SMC SMC8024L2 switch allows remote attackers to bypass authentication and obtain administrative access via a direct request to a .html file under (1) status/, (2) system/, (3) ports/, (4) trunks/, (5) vlans/, (6) qos/, (7) rstp/, (8) dot1x/, (9) security/, (10) igmps/, or (11) snmp/.

EPSS

Процентиль: 62%

0.00429

Низкий

10 Critical

CVSS2

Дефекты

CWE-287