exploitDog

CVE-2012-4362

Опубликовано: 20 авг. 2012

Источник: nvd

CVSS2: 4

EPSS Средний

Описание

hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838.

Ссылки

http://www.exploit-db.com/exploits/18893/
Exploit
http://www.exploit-db.com/exploits/18901/
Exploit
http://www.kb.cert.org/vuls/id/441363
US Government Resource
http://www.exploit-db.com/exploits/18893/
Exploit
http://www.exploit-db.com/exploits/18901/
Exploit
http://www.kb.cert.org/vuls/id/441363
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:hp:san\/iq:9.5:*:*:*:*:*:*:*

cpe:2.3:h:hp:virtual_san_appliance:-:*:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.24105

Средний

4 Medium

CVSS2

Дефекты

CWE-255

Связанные уязвимости

GHSA-8h29-3hc6-h9fv

github

больше 3 лет назад

hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838.

EPSS

Процентиль: 96%

0.24105

Средний

4 Medium

CVSS2

Дефекты

CWE-255