CVE-2012-4026 — MEDIUM (5.0)

Q: How severe is CVE-2012-4026?

CVE-2012-4026 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2012-4026?

Check the references section above for vendor advisories and patch information. Affected products include: Johnsoncontrols Pegasys P2000 Server Software, Johnsoncontrols Pegasys P2000 Server.

Vulnerability Description

The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to trigger false alerts via crafted packets to TCP port 41013 (aka the upload port), a different vulnerability than CVE-2012-2607.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Johnsoncontrols	Pegasys P2000 Server Software	<= 3.10
Johnsoncontrols	Pegasys P2000 Server	-

Related Weaknesses (CWE)

CWE-20

References

http://www.kb.cert.org/vuls/id/977312US Government Resource
http://www.kb.cert.org/vuls/id/MORO-8UYN8P
http://www.kb.cert.org/vuls/id/977312US Government Resource
http://www.kb.cert.org/vuls/id/MORO-8UYN8P

FAQ

What is CVE-2012-4026?

CVE-2012-4026 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to trigger false alerts via crafted packets to TCP port 41013 (aka the upload port), a different vulnerabili...

How severe is CVE-2012-4026?

CVE-2012-4026 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-4026?

Check the references section above for vendor advisories and patch information. Affected products include: Johnsoncontrols Pegasys P2000 Server Software, Johnsoncontrols Pegasys P2000 Server.