Lucene search

[email protected]CVE-2005-2027

HistoryOct 03, 2022 - 4:22 p.m.

CVE-2005-2027

2022-10-0316:22:48

[email protected]

web.nvd.nist.gov

enterasys

vertical horizon

vh-2402s

firmware

vulnerability

debug command

restriction

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

59.7%

JSON

Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 does not properly restrict certain debugging commands to the ADMIN account, which could allow attackers to obtain sensitive information or modify the registry.

Affected configurations

NVD

Node

enterasysvertical_horizon-2402sMatch2.05.00

enterasysvertical_horizon-2402sMatch2.05.08.01

enterasysvertical_horizon-2402sMatch2.05.09.07

CPENameOperatorVersion
enterasys:vertical_horizon-2402senterasys vertical horizon-2402seq2.05.00
enterasys:vertical_horizon-2402senterasys vertical horizon-2402seq2.05.08.01
enterasys:vertical_horizon-2402senterasys vertical horizon-2402seq2.05.09.07

CPE	Name	Operator	Version
enterasys:vertical_horizon-2402s	enterasys vertical horizon-2402s	eq	2.05.00
enterasys:vertical_horizon-2402s	enterasys vertical horizon-2402s	eq	2.05.08.01
enterasys:vertical_horizon-2402s	enterasys vertical horizon-2402s	eq	2.05.09.07

References

secunia.com/advisories/15757

www.enterasys.com/support/relnotes/VH-4802-2050509-patch-rel.pdf

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

59.7%

JSON

Related for CVE-2005-2027

nvd1 cvelist1