ID |
CVE-2005-0112
|
Summary |
The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:h:3com:3crwe454g72:1.0.2:*:*:*:*:*:*:*
cpe:2.3:h:3com:3crwe454g72:1.0.2:*:*:*:*:*:*:*
-
cpe:2.3:h:3com:3crwe454g72:1.0.2.11:*:*:*:*:*:*:*
cpe:2.3:h:3com:3crwe454g72:1.0.2.11:*:*:*:*:*:*:*
-
cpe:2.3:h:3com:3crwe454g72:1.0.3.5:*:*:*:*:*:*:*
cpe:2.3:h:3com:3crwe454g72:1.0.3.5:*:*:*:*:*:*:*
|
CVSS |
Base: | 5.0 (as of 11-07-2017 - 01:32) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
NONE |
NONE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
refmap
via4
|
bid | 12322 | idefense | 20050120 3Com OfficeConnect Wireless 11g AP Information Disclosure Vulnerability | sectrack | 1012958 | secunia | 13942 | xf | 3com-officeconnect-information-disclosure(18994) |
|
Last major update |
11-07-2017 - 01:32 |
Published |
14-04-2005 - 04:00 |
Last modified |
11-07-2017 - 01:32 |