Lucene search

[email protected]CVE-2012-4362

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-4362

2022-10-0316:15:34

CWE-255

[email protected]

web.nvd.nist.gov

cve-2012-4362

hp san/iq

hardcoded password

vulnerability

remote access

tcp port 13838

nvd

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.8%

JSON

hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838.

Affected configurations

NVD

Node

hpsan\/iqMatch9.5

AND

hpvirtual_san_applianceMatch-

CPENameOperatorVersion
hp:san\/iqhp san/iqeq9.5

CPE	Name	Operator	Version
hp:san\/iq	hp san/iq	eq	9.5

References

www.exploit-db.com/exploits/18893/

www.exploit-db.com/exploits/18901/

www.kb.cert.org/vuls/id/441363

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.8%

JSON

Related for CVE-2012-4362

prion1 cvelist1 nvd1 openvas1