CVE-2002-0250

Severity

75%

Complexity

99%

Confidentiality

106%

Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password.

Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

cpe:/h:HP:AdvanceStack 10Base-T Switching Hub

First reported 22 years ago

2002-05-29 04:00:00

Last updated 8 years ago

2016-10-18 02:17:00

Affected Software

cpe:/h:HP:AdvanceStack 10Base-T Switching Hub J3200A version A.03.07

a.03.07

cpe:/h:HP:AdvanceStack 10Base-T Switching Hub J3201A version A.03.07

a.03.07

cpe:/h:HP:AdvanceStack 10Base-T Switching Hub J3202A version A.03.07

a.03.07

cpe:/h:HP:AdvanceStack 10Base-T Switching Hub J3203A version A.03.07

a.03.07

cpe:/h:HP:AdvanceStack 10Base-T Switching Hub J3204A version A.03.07

a.03.07

cpe:/h:HP:AdvanceStack 10Base-T Switching Hub J3205A version A.03.07

a.03.07

cpe:/h:HP:AdvanceStack 10Base-T Switching Hub J3210A version A.03.07

a.03.07

References

20020208 Hewlett Packard AdvanceStack Switch Managment Authentication Bypass Vulnerability

HPSBUX0202-185

Patch, Vendor Advisory

hp-advancestack-bypass-auth(8124)

Patch, Vendor Advisory

4062

Exploit, Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.