PT-2016-3839 · Pro Face · Gp-Pro Ex Ex-Ed+3

Published

2016-04-06

Updated

2022-01-31

CVE-2015-7921

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Pro-face GP-Pro EX EX-ED versions prior to 4.05.000 Pro-face PFXEXEDV versions prior to 4.05.000 Pro-face PFXEXEDLS versions prior to 4.05.000 Pro-face PFXEXGRPLS versions prior to 4.05.000

Description The issue concerns hardcoded credentials in the FTP server, making it easier for remote attackers to bypass authentication by leveraging knowledge of these credentials.

Recommendations For Pro-face GP-Pro EX EX-ED versions prior to 4.05.000, update to version 4.05.000 or later. For Pro-face PFXEXEDV versions prior to 4.05.000, update to version 4.05.000 or later. For Pro-face PFXEXEDLS versions prior to 4.05.000, update to version 4.05.000 or later. For Pro-face PFXEXGRPLS versions prior to 4.05.000, update to version 4.05.000 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2015-7921

Affected Products

Gp-Pro Ex Ex-Ed

Pfxexedls

Pfxexedv

Pfxexgrpls

PT-2016-3839 · Pro Face · Gp-Pro Ex Ex-Ed+3

CVE-2015-7921

Weakness Enumeration

Related Identifiers

Affected Products

References · 2