Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3014

Overview

Vulnerability Score 7.7 7.7
CVE Id CVE-2012-3014
Last Modified 04 Sep 2012 12:00:00
Published 04 Sep 2012 07:04:49
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-3014

Summary

The Management Software application in GarrettCom Magnum MNS-6K before 4.4.0, and 14.x before 14.4.0, has a hardcoded password for an administrative account, which allows local users to gain privileges via unspecified vectors.

Vulnerable Systems

Application

  • Garrettcom Magnum Managed Networks Software-6k 4.2

  • Garrettcom Magnum Managed Networks Software-6k 4.2.1

  • Garrettcom Magnum Managed Networks Software-6k 4.3.0

  • Garrettcom Magnum Managed Networks Software-6k 4.3.1

  • Garrettcom Magnum Managed Networks Software-6k Secure 14.2

  • Garrettcom Magnum Managed Networks Software-6k Secure 14.2.1

  • Garrettcom Magnum Managed Networks Software-6k Secure 14.3.0

  • Garrettcom Magnum Managed Networks Software-6k Secure 14.3.1


References

MISC - http://www.us-cert.gov/control_systems/pdf/ICSA-12-243-01.pdf

MISC - http://www.garrettcom.com/techsupport/6k_dl/6k440_rn.pdf


Last Updated: 27 May 2016 11:00:27