Vulnerability Description
Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Advancestack 10Base-T Switching Hub J3200A | a.03.07 |
| Hp | Advancestack 10Base-T Switching Hub J3201A | a.03.07 |
| Hp | Advancestack 10Base-T Switching Hub J3202A | a.03.07 |
| Hp | Advancestack 10Base-T Switching Hub J3203A | a.03.07 |
| Hp | Advancestack 10Base-T Switching Hub J3204A | a.03.07 |
| Hp | Advancestack 10Base-T Switching Hub J3205A | a.03.07 |
| Hp | Advancestack 10Base-T Switching Hub J3210A | a.03.07 |
References
- http://marc.info/?l=bugtraq&m=101318469216213&w=2
- http://online.securityfocus.com/advisories/3870PatchVendor Advisory
- http://www.iss.net/security_center/static/8124.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/4062ExploitVendor Advisory
- http://marc.info/?l=bugtraq&m=101318469216213&w=2
- http://online.securityfocus.com/advisories/3870PatchVendor Advisory
- http://www.iss.net/security_center/static/8124.phpPatchVendor Advisory
- http://www.securityfocus.com/bid/4062ExploitVendor Advisory
FAQ
What is CVE-2002-0250?
CVE-2002-0250 is a vulnerability with a CVSS score of 7.5 (HIGH). Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the w...
How severe is CVE-2002-0250?
CVE-2002-0250 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0250?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Advancestack 10Base-T Switching Hub J3200A, Hp Advancestack 10Base-T Switching Hub J3201A, Hp Advancestack 10Base-T Switching Hub J3202A, Hp Advancestack 10Base-T Switching Hub J3203A, Hp Advancestack 10Base-T Switching Hub J3204A.