Vulnerability Description
hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | San\/Iq | 9.5 |
| Hp | Virtual San Appliance | - |
Related Weaknesses (CWE)
References
- http://www.exploit-db.com/exploits/18893/Exploit
- http://www.exploit-db.com/exploits/18901/Exploit
- http://www.kb.cert.org/vuls/id/441363US Government Resource
- http://www.exploit-db.com/exploits/18893/Exploit
- http://www.exploit-db.com/exploits/18901/Exploit
- http://www.kb.cert.org/vuls/id/441363US Government Resource
FAQ
What is CVE-2012-4362?
CVE-2012-4362 is a vulnerability with a CVSS score of 4.0 (MEDIUM). hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management ser...
How severe is CVE-2012-4362?
CVE-2012-4362 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-4362?
Check the references section above for vendor advisories and patch information. Affected products include: Hp San\/Iq, Hp Virtual San Appliance.