CVE-2007-0932

Sažetak

The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access administrative interfaces or the WLAN.

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052382.html
http://osvdb.org/33185
http://secunia.com/advisories/24144
http://securityreason.com/securityalert/2243
http://www.kb.cert.org/vuls/id/613833
http://www.securityfocus.com/archive/1/459927/100/0/threaded
http://www.securityfocus.com/bid/22538
https://exchange.xforce.ibmcloud.com/vulnerabilities/32461

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

16-10-2018 - 16:35

Objavljeno

14-02-2007 - 11:28