Vulnerability Description
Opengear console servers with firmware before 2.2.1 allow remote attackers to bypass authentication, and modify settings or access connected equipment, via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opengear | Opengear Console Server Firmware | <= 2.1.0u7 |
| Opengear | Acm5000 Console Server | All versions |
| Opengear | Cm4000 Console Server | All versions |
| Opengear | Im4004-5 Console Server | All versions |
| Opengear | Im4200 Console Server | All versions |
| Opengear | Img4000 Console Server | All versions |
| Opengear | Kcs6000 Rackside Console Server | All versions |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN71349007/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2011-000096
- http://jvn.jp/en/jp/JVN71349007/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2011-000096
FAQ
What is CVE-2011-3997?
CVE-2011-3997 is a vulnerability with a CVSS score of 7.5 (HIGH). Opengear console servers with firmware before 2.2.1 allow remote attackers to bypass authentication, and modify settings or access connected equipment, via unspecified vectors.
How severe is CVE-2011-3997?
CVE-2011-3997 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-3997?
Check the references section above for vendor advisories and patch information. Affected products include: Opengear Opengear Console Server Firmware, Opengear Acm5000 Console Server, Opengear Cm4000 Console Server, Opengear Im4004-5 Console Server, Opengear Im4200 Console Server.