Vulnerability Description
The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote attackers to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated using (1) config/ip_management.htm and (2) config/snmp_config.htm.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fujitsu | Primergy Bx300 | All versions |
References
- http://osvdb.org/37837
- http://secunia.com/advisories/25943Vendor Advisory
- http://www.redteam-pentesting.de/advisories/rt-sa-2007-003.phpExploitVendor Advisory
- http://www.securityfocus.com/archive/1/472803/100/0/threaded
- http://www.securityfocus.com/bid/24761
- http://www.vupen.com/english/advisories/2007/2442
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35264
- http://osvdb.org/37837
- http://secunia.com/advisories/25943Vendor Advisory
- http://www.redteam-pentesting.de/advisories/rt-sa-2007-003.phpExploitVendor Advisory
- http://www.securityfocus.com/archive/1/472803/100/0/threaded
- http://www.securityfocus.com/bid/24761
- http://www.vupen.com/english/advisories/2007/2442
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35264
FAQ
What is CVE-2007-3012?
CVE-2007-3012 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote attackers to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, whi...
How severe is CVE-2007-3012?
CVE-2007-3012 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3012?
Check the references section above for vendor advisories and patch information. Affected products include: Fujitsu Primergy Bx300.