Vulnerability Description
The HTTP server in Compaq web-enabled management software for (1) Foundation Agents, (2) Survey, (3) Power Manager, (4) Availability Agents, (5) Intelligent Cluster Administrator, and (6) Insight Manager can be used as a generic proxy server, which allows remote attackers to bypass access restrictions via the management port, 2301.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Compaq | Web-Enabled Management | All versions |
References
- http://archives.neohapsis.com/archives/vuln-dev/2001-q1/0779.htmlVendor Advisory
- http://www.compaq.com/products/servers/management/mgtsw-advisory.htmlPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6264
- http://archives.neohapsis.com/archives/vuln-dev/2001-q1/0779.htmlVendor Advisory
- http://www.compaq.com/products/servers/management/mgtsw-advisory.htmlPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6264
FAQ
What is CVE-2001-0374?
CVE-2001-0374 is a vulnerability with a CVSS score of 7.5 (HIGH). The HTTP server in Compaq web-enabled management software for (1) Foundation Agents, (2) Survey, (3) Power Manager, (4) Availability Agents, (5) Intelligent Cluster Administrator, and (6) Insight Mana...
How severe is CVE-2001-0374?
CVE-2001-0374 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0374?
Check the references section above for vendor advisories and patch information. Affected products include: Compaq Web-Enabled Management.