Vulnerability Description
Samsung SmartEther SS6215S switch, and possibly other Samsung switches, allows remote attackers and local users to gain administrative access by providing the admin username followed by a password that is the maximum allowed length, then pressing the enter key after the resulting error message.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Securecomputing | Smartether Ss6215S Switch | All versions |
References
- http://marc.info/?l=bugtraq&m=108300407424571&w=2
- http://www.securityfocus.com/bid/10219Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15973
- http://marc.info/?l=bugtraq&m=108300407424571&w=2
- http://www.securityfocus.com/bid/10219Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15973
FAQ
What is CVE-2004-1970?
CVE-2004-1970 is a vulnerability with a CVSS score of 7.5 (HIGH). Samsung SmartEther SS6215S switch, and possibly other Samsung switches, allows remote attackers and local users to gain administrative access by providing the admin username followed by a password tha...
How severe is CVE-2004-1970?
CVE-2004-1970 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1970?
Check the references section above for vendor advisories and patch information. Affected products include: Securecomputing Smartether Ss6215S Switch.