PT-2016-3839 · Pro Face · Gp-Pro Ex Ex-Ed+3
Publicado
2016-04-06
·
Atualizado
2022-01-31
·
CVE-2015-7921
CVSS v2.0
6.4
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Pro-face GP-Pro EX EX-ED versions prior to 4.05.000
Pro-face PFXEXEDV versions prior to 4.05.000
Pro-face PFXEXEDLS versions prior to 4.05.000
Pro-face PFXEXGRPLS versions prior to 4.05.000
Description
The issue concerns hardcoded credentials in the FTP server, making it easier for remote attackers to bypass authentication by leveraging knowledge of these credentials.
Recommendations
For Pro-face GP-Pro EX EX-ED versions prior to 4.05.000, update to version 4.05.000 or later.
For Pro-face PFXEXEDV versions prior to 4.05.000, update to version 4.05.000 or later.
For Pro-face PFXEXEDLS versions prior to 4.05.000, update to version 4.05.000 or later.
For Pro-face PFXEXGRPLS versions prior to 4.05.000, update to version 4.05.000 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Gp-Pro Ex Ex-Ed
Pfxexedls
Pfxexedv
Pfxexgrpls