Vulnerability Description
360 Systems Maxx, Image Server Maxx, and Image Server 2000 have a hardcoded password for the root account, which makes it easier for remote attackers to execute arbitrary code, or modify video content or scheduling, via an SSH session.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 360Systems | Image Server 2000 | - |
| 360Systems | Image Server Maxx | - |
| 360Systems | Maxx | - |
Related Weaknesses (CWE)
References
- http://ics-cert.us-cert.gov/pdf/ICSA-13-038-01A.pdfUS Government Resource
- http://ics-cert.us-cert.gov/pdf/ICSA-13-038-01A.pdfUS Government Resource
FAQ
What is CVE-2012-4702?
CVE-2012-4702 is a vulnerability with a CVSS score of 10.0 (HIGH). 360 Systems Maxx, Image Server Maxx, and Image Server 2000 have a hardcoded password for the root account, which makes it easier for remote attackers to execute arbitrary code, or modify video content...
How severe is CVE-2012-4702?
CVE-2012-4702 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-4702?
Check the references section above for vendor advisories and patch information. Affected products include: 360Systems Image Server 2000, 360Systems Image Server Maxx, 360Systems Maxx.