Published: 05/07/2007 Updated: 16/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote malicious users to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated using (1) config/ip_management.htm and (2) config/snmp_config.htm.

Vulnerable Product	Search on Vulmon	Subscribe to Product
fujitsu primergy bx300

RedTeam Pentesting discovered an information disclosure in the Fujitsu-Siemens BX300 Switch Blade during a penetration test By accessing URLs of the web interface directly and aborting the authentication dialog, one is able to access the restricted management interface without proper authentication, having read-only access ...

NVD-CWE-Other http://www.redteam-pentesting.de/advisories/rt-sa-2007-003.php http://www.securityfocus.com/bid/24761 http://secunia.com/advisories/25943 http://www.vupen.com/english/advisories/2007/2442 http://osvdb.org/37837 https://exchange.xforce.ibmcloud.com/vulnerabilities/35264 http://www.securityfocus.com/archive/1/472803/100/0/threaded https://nvd.nist.gov https://packetstormsecurity.com/files/57500/fujitsu-primergy-disclose.txt.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-3012

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect