|CVSS SCORE||9.0, (AV:N/AC:L/Au:N/C:C/I:P/A:P)|
StorageWorks P2000 G3
|TREND MICRO CUSTOMER PROTECTION||Trend Micro TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 361,1125,2400. For further product information on the TippingPoint IPS: http://www.tippingpoint.com|
The specific flaws exists within the web interface listening on TCP port 80. There exists a directory traversal flaw that can allow a remote attacker to view any file on the system by simply specifying it in the default URI. Additionally, the pasword file contains a default login that can be used to authenticate to the device. This can be leveraged by a remote attacker to perform any tasks an administrator is able to.
|CREDIT||Carlos Perez at Tenable Network Security