PT-2017-4611 · Dataprobe · Dataprobe Ibootbar
Published
2017-04-07
·
Updated
2017-04-13
·
CVE-2007-6759
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Dataprobe iBootBar (with 2007-09-20 and possibly later released firmware)
Description:
The issue allows remote attackers to bypass authentication and conduct power-cycle attacks on connected devices via a
DCRABBIT cookie.Recommendations:
For the affected firmware, consider restricting access to the device until a patch or update is available. As a temporary workaround, avoid using the
DCRABBIT cookie in authentication processes to minimize the risk of exploitation.Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dataprobe Ibootbar