PT-2004-2244 · Asante · Asante Fm2008

Joe Philipps

Published

2004-12-15

Updated

2016-10-18

CVE-2004-1321

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Asante FM2008 version 1.06

Description: The configuration backup stores the username and password in cleartext, which could allow remote attackers to gain unauthorized access.

Recommendations: For Asante FM2008 version 1.06, consider restricting access to the configuration backup to minimize the risk of exploitation. As a temporary workaround, avoid using the configuration backup feature until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-1321

Affected Products

Asante Fm2008

PT-2004-2244 · Asante · Asante Fm2008

CVE-2004-1321

Related Identifiers

Affected Products

References · 2