1. CVE-Search
  2. CVE-2007-3012
ID CVE-2007-3012
Summary The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote attackers to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated using (1) config/ip_management.htm and (2) config/snmp_config.htm.
References
Vulnerable Configurations
  • cpe:2.3:h:fujitsu:primergy_bx300:*:*:*:*:*:*:*:*
    cpe:2.3:h:fujitsu:primergy_bx300:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 16-10-2018 - 16:46)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 24761
bugtraq 20070704 Fujitsu-Siemens PRIMERGY BX300 Switch Blade Information Disclosure
misc http://www.redteam-pentesting.de/advisories/rt-sa-2007-003.php
osvdb 37837
secunia 25943
vupen ADV-2007-2442
xf primergy-web-interface-info-disclosure(35264)
Last major update 16-10-2018 - 16:46
Published 05-07-2007 - 19:30
Last modified 16-10-2018 - 16:46
Back to Top