RSS   Vulnerabilities for 'Breakingpoint storm appliance'   RSS

2012-08-12
 
CVE-2012-2964

CWE-20
 

 
The BreakingPoint Storm appliance before 3.0 requires cleartext credentials for establishing a session from a GUI administrative client, which allows remote attackers to obtain sensitive information by sniffing the network for XML documents.

 
 
CVE-2012-2963

CWE-287
 

 
The administrative interface in the embedded web server on the BreakingPoint Storm appliance before 3.0 does not require authentication for the gwt/BugReport script, which allows remote attackers to obtain sensitive information by downloading a .tgz file.

 

 >>> Vendor: Breakingpointsystems 2 Products
Breakingpoint storm appliance
Breakingpoint storm appliance ctm


Copyright 2024, cxsecurity.com

 

Back to Top