Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4326

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-4326
Last Modified 05 Sep 2008 04:56:36
Published 17 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4326

Summary

The web interface for American Power Conversion (APC) PowerChute Network Shutdown performs all communication in cleartext (base64-encoded), which allows remote attackers to sniff authentication credentials.

Vulnerable Systems

Application

  • Apc Powerchute Network Shutdown


References

XF - powerchute-web-weak-security(23183)

SECTRACK - 1015250

CONFIRM - http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=7330


Last Updated: 27 May 2016 10:41:16