PT-2013-3685 · Hewlett Packard · Hp Storeonce D2D

Published

2013-06-29

Updated

2019-10-09

CVE-2013-2342

CVSS v2.0

7.7

High

Vector

AV:A/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions HP StoreOnce D2D backup system versions prior to 3.0.0

Description The issue concerns a default password for the HPSupport account, which is set to badg3r5. This allows remote attackers to gain administrative access and potentially delete data by establishing an SSH session.

Recommendations For versions prior to 3.0.0, update the software to version 3.0.0 or later to change the default password for the HPSupport account. As a temporary workaround, consider changing the default password for the HPSupport account to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2013-2342

Affected Products

Hp Storeonce D2D

PT-2013-3685 · Hewlett Packard · Hp Storeonce D2D

CVE-2013-2342

Weakness Enumeration

Related Identifiers

Affected Products

References · 3