Lucene search

[email protected]CVE-2005-0112

HistoryApr 14, 2005 - 4:00 a.m.

CVE-2005-0112

2005-04-1404:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

3com

officeconnect

wireless

11g

access point

authentication bypass

remote attack

information disclosure

cve-2005-0112

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

60.3%

JSON

The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs.

CPENameOperatorVersion
3com:3crwe454g723com 3crwe454g72eq1.0.2
3com:3crwe454g723com 3crwe454g72eq1.0.2.11
3com:3crwe454g723com 3crwe454g72eq1.0.3.5

CPE	Name	Operator	Version
3com:3crwe454g72	3com 3crwe454g72	eq	1.0.2
3com:3crwe454g72	3com 3crwe454g72	eq	1.0.2.11
3com:3crwe454g72	3com 3crwe454g72	eq	1.0.3.5

References

secunia.com/advisories/13942

securitytracker.com/id?1012958

www.idefense.com/application/poi/display?id=188&type=vulnerabilities

www.securityfocus.com/bid/12322

exchange.xforce.ibmcloud.com/vulnerabilities/18994

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

60.3%

JSON

Related for CVE-2005-0112

securityvulns1