Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.5
CVSSv2

CVE-2014-2084

Published: 17/05/2014 Updated: 13/06/2014
CVSS v2 Base Score: 8.5 | Impact Score: 7.8 | Exploitability Score: 10
VMScore: 860
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:C

Vulnerability Summary

Skybox View Appliances with ISO 6.3.33-2.14, 6.3.31-2.14, 6.4.42-2.54, 6.4.45-2.56, and 6.4.46-2.57 does not properly restrict access to the Admin interface, which allows remote malicious users to obtain sensitive information via a request to (1) scripts/commands/getSystemInformation or (2) scripts/commands/getNetworkConfigurationInfo, cause a denial of service (reboot) via a request to scripts/commands/reboot, or cause a denial of service (shutdown) via a request to scripts/commands/shutdown.

Vulnerable Product Search on Vulmon Subscribe to Product

skyboxsecurity skybox_view_appliance_iso 6.3.31-2.14

skyboxsecurity skybox_view_appliance_iso 6.4.42-2.54

skyboxsecurity skybox_view_appliance_iso 6.3.33-2.14

skyboxsecurity skybox_view_appliance_iso 6.4.45-2.56

skyboxsecurity skybox_view_appliance_iso 6.4.46-2.57

skyboxsecurity skybox_view_appliance -

Exploits

Exploit DB: Skybox Security 6.3.x < 6.4.x - Multiple Denial of Service Vulnerabilities
# Exploit Title: [SKYBOX Security - DDOS] # Date: [22-Jan-2014] # Exploit Author: [Luigi Vezzoso] # Vendor Homepage: [wwwskyboxsecuritycom] # Version: [Skybox View Appliances with ISO versions: 6333-214, 6331-214, 6442-254, 6445-256, 6446-257] # Tested on: [Centos 64 kernel 2632] # CVE : [CVE-2014-2085] #OVERVIEW A v ...
Exploit DB: Skybox Security 6.3.x < 6.4.x - Multiple Information Disclosures
# Exploit Title: [SKYBOX Security – Multiple Information Disclosure] # Date: [22-Jan-2014] # Exploit Author: [Luigi Vezzoso] # Vendor Homepage: [wwwskyboxsecuritycom] # Version: [Skybox View Appliances with ISO versions: 6333-214, 6331-214, 6442-254, 6445-256, 6446-257] # Tested on: [Centos 64 kernel 2632] # CVE : [ ...
Exploit DB: Skybox 6.x Authentication Bypass / Information Disclosure
Skybox versions 6333-214, 6331-214, 6442-254, 6445-256, and 6446-257 suffer from an authentication bypass that allows for information disclosure ...

References

CWE-264http://www.exploit-db.com/exploits/33327http://www.exploit-db.com/exploits/33328http://www.securityfocus.com/bid/67352http://www.osvdb.org/106842https://www.skyboxsecurity.com/sites/default/files/file_resources/Skybox_Security_Appliance_Vulnerability.pdfhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/33328/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572CVE-2024-24919CVE-2024-0230CVE-2024-32714HTML injectionlocal file inclusionCVE-2024-31098CVE-2024-31244privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook