CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
86.9%
Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch’s configuration and modify the administrator password.
Vendor | Product | Version | CPE |
---|---|---|---|
hp | advancestack_10base-t_switching_hub_j3200a | a.03.07 | cpe:2.3:h:hp:advancestack_10base-t_switching_hub_j3200a:a.03.07:*:*:*:*:*:*:* |
hp | advancestack_10base-t_switching_hub_j3201a | a.03.07 | cpe:2.3:h:hp:advancestack_10base-t_switching_hub_j3201a:a.03.07:*:*:*:*:*:*:* |
hp | advancestack_10base-t_switching_hub_j3202a | a.03.07 | cpe:2.3:h:hp:advancestack_10base-t_switching_hub_j3202a:a.03.07:*:*:*:*:*:*:* |
hp | advancestack_10base-t_switching_hub_j3203a | a.03.07 | cpe:2.3:h:hp:advancestack_10base-t_switching_hub_j3203a:a.03.07:*:*:*:*:*:*:* |
hp | advancestack_10base-t_switching_hub_j3204a | a.03.07 | cpe:2.3:h:hp:advancestack_10base-t_switching_hub_j3204a:a.03.07:*:*:*:*:*:*:* |
hp | advancestack_10base-t_switching_hub_j3205a | a.03.07 | cpe:2.3:h:hp:advancestack_10base-t_switching_hub_j3205a:a.03.07:*:*:*:*:*:*:* |
hp | advancestack_10base-t_switching_hub_j3210a | a.03.07 | cpe:2.3:h:hp:advancestack_10base-t_switching_hub_j3210a:a.03.07:*:*:*:*:*:*:* |