PT-2013-3685 · Hewlett Packard · Hp Storeonce D2D

Publicado

2013-06-29

Atualizado

2019-10-09

CVE-2013-2342

CVSS v2.0

7.7

Alta

Vetor

AV:A/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions HP StoreOnce D2D backup system versions prior to 3.0.0

Description The issue concerns a default password for the HPSupport account, which is set to badg3r5. This allows remote attackers to gain administrative access and potentially delete data by establishing an SSH session.

Recommendations For versions prior to 3.0.0, update the software to version 3.0.0 or later to change the default password for the HPSupport account. As a temporary workaround, consider changing the default password for the HPSupport account to prevent unauthorized access.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-255

Identificadores relacionados

CVE-2013-2342

Produtos afetados

Hp Storeonce D2D

PT-2013-3685 · Hewlett Packard · Hp Storeonce D2D

CVE-2013-2342

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3