Lucene search
CertccCVE-2012-2974HistoryJul 19, 2012 - 3:55 p.m.
CVE-2012-2974
2012-07-1915:55:02
CWE-287
certcc
web.nvd.nist.gov
34
smc smc8024l2
switch
web interface
authentication bypass
cve-2012-2974
security vulnerability
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.1
Confidence
Low
EPSS
0.005
Percentile
77.3%
The web interface on the SMC SMC8024L2 switch allows remote attackers to bypass authentication and obtain administrative access via a direct request to a .html file under (1) status/, (2) system/, (3) ports/, (4) trunks/, (5) vlans/, (6) qos/, (7) rstp/, (8) dot1x/, (9) security/, (10) igmps/, or (11) snmp/.
Affected configurations
Node
smcsmc8024l2_switch
| Vendor | Product | Version | CPE |
|---|---|---|---|
| smc | smc8024l2_switch | * | cpe:2.3:h:smc:smc8024l2_switch:*:*:*:*:*:*:*:* |
Related
prion
prion
Authentication flaw
2012-07-19 15:55:00
cvelist
cvelist
CVE-2012-2974
2012-07-19 15:00:00
openvas
openvas
cert
cert
SMC SMC8024L2 switch web interface authentication bypass
2012-07-11 00:00:00
nvd
nvd
CVE-2012-2974
2012-07-19 15:55:02
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.1
Confidence
Low
EPSS
0.005
Percentile
77.3%
Related for CVE-2012-2974