CVE-2017-2125 - Privilege escalation vulnerability in CentreCOM AR260S V2 remote authenticated attackers to gain pri

CVE-2017-2125

Summary

Privilege escalation vulnerability in CentreCOM AR260S V2 remote authenticated attackers to gain privileges via the guest account.

References

Vulnerable Configurations

cpe:2.3:o:allied_telesis_k.k.:centrecom_ar260s_v2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:allied_telesis_k.k.:centrecom_ar260s_v2_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:allied_telesis_k.k.:centrecom_ar260s_v2:-:*:*:*:*:*:*:*
cpe:2.3:h:allied_telesis_k.k.:centrecom_ar260s_v2:-:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:S/C:P/I:P/A:P

refmap via4

bid	97249
jvn	JVN#55121369
misc	http://www.allied-telesis.co.jp/support/list/faq/vuls/20170330aen.html

Last major update

03-10-2019 - 00:03

Published

28-04-2017 - 16:59

Last modified

03-10-2019 - 00:03