CVE-2002-0250
Last modified
CVE-2002-0250 is a vulnerability of currently unknown severity. Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password.. EPSS estimates a 4.03% chance of exploitation in the next 30 days.
Description
Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Hp | Advancestack 10base-T Switching Hub J3200a | a.03.07 |
| Hp | Advancestack 10base-T Switching Hub J3201a | a.03.07 |
| Hp | Advancestack 10base-T Switching Hub J3202a | a.03.07 |
| Hp | Advancestack 10base-T Switching Hub J3203a | a.03.07 |
| Hp | Advancestack 10base-T Switching Hub J3204a | a.03.07 |
| Hp | Advancestack 10base-T Switching Hub J3205a | a.03.07 |
| Hp | Advancestack 10base-T Switching Hub J3210a | a.03.07 |
References
- http://online.securityfocus.com/advisories/3870Patch, Vendor Advisory
- http://www.iss.net/security_center/static/8124.phpPatch, Vendor Advisory
- http://www.securityfocus.com/bid/4062Exploit, Vendor Advisory
- http://online.securityfocus.com/advisories/3870Patch, Vendor Advisory
- http://www.iss.net/security_center/static/8124.phpPatch, Vendor Advisory
- http://www.securityfocus.com/bid/4062Exploit, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2002-0250?
How severe is CVE-2002-0250?
How do I fix CVE-2002-0250?
Are you affected by CVE-2002-0250?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST