Lucene search

[email protected]CVE-2008-6701

HistoryApr 10, 2009 - 10:00 p.m.

CVE-2008-6701

2009-04-1022:00:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2008-6701

netscout

visualizer v2100

infinistream i1730

access restriction

remote attackers

admin privileges

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.0%

JSON

NetScout (formerly Network General) Visualizer V2100 and InfiniStream i1730 do not restrict access to ResourceManager/en_US/domains/add_domain.jsp, which allows remote attackers to gain administrator privileges via a direct request.

Affected configurations

NVD

Node

netscoutngenius_infinistreamMatchi1730

netscoutvisualizerMatchv2100

CPENameOperatorVersion
netscout:ngenius_infinistreamnetscout ngenius infinistreameqi1730
netscout:visualizernetscout visualizereqv2100

CPE	Name	Operator	Version
netscout:ngenius_infinistream	netscout ngenius infinistream	eq	i1730
netscout:visualizer	netscout visualizer	eq	v2100

References

osvdb.org/46195

secunia.com/advisories/30514

www.securityfocus.com/archive/1/493171/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/42938

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.0%

JSON

Related for CVE-2008-6701

prion1 cvelist1 nvd1