Lucene search

[email protected]CVE-2005-2984

HistorySep 20, 2005 - 12:03 a.m.

CVE-2005-2984

2005-09-2000:03:00

[email protected]

web.nvd.nist.gov

avocent

ccm server

firmware

bypass

port restrictions

ssh

connect command

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.2%

JSON

Avocent CCM console server running firmware 2.1 CCM4850 allows remote authenticated attackers to bypass port restrictions by connecting to the server via SSH and using the connect command to access the serial port.

Affected configurations

NVD

Node

data_center_resourcesavocentMatchccm4850_2.1_firmware

CPENameOperatorVersion
data_center_resources:avocentdata center resources avocenteqccm4850_2.1_firmware

CPE	Name	Operator	Version
data_center_resources:avocent	data center resources avocent	eq	ccm4850_2.1_firmware

References

drwetter.org/cs-probs/avocent-sshbug.txt

marc.info/?l=bugtraq&m=112680615103315&w=2

secunia.com/advisories/16836/

www.securityfocus.com/bid/14853

exchange.xforce.ibmcloud.com/vulnerabilities/22302

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.2%

JSON

Related for CVE-2005-2984

cvelist1 nvd1