CVE-2011-3997

Published Nov 9, 2011

Last updated 13 years ago

CVSS info 7.5

Overview

Description: Opengear console servers with firmware before 2.2.1 allow remote attackers to bypass authentication, and modify settings or access connected equipment, via unspecified vectors.
Source: vultures@jpcert.or.jp
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-287

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:opengear:opengear_console_server_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3B39748-D797-4599-855C-6906D91CA5E9",
            "versionEndIncluding": "2.1.0u7"
          },
          {
            "criteria": "cpe:2.3:a:opengear:opengear_console_server_firmware:2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38B00DB4-FA1D-455B-BF53-DC93B447976F"
          },
          {
            "criteria": "cpe:2.3:a:opengear:opengear_console_server_firmware:2.0.4u1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83A11D76-9091-4FC4-8DDA-79250620BBE5"
          },
          {
            "criteria": "cpe:2.3:a:opengear:opengear_console_server_firmware:2.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFF8CBC0-5716-425C-985F-0C08D033196C"
          },
          {
            "criteria": "cpe:2.3:a:opengear:opengear_console_server_firmware:2.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F6163D4-400B-4CB5-9ED4-0A08D71A855D"
          },
          {
            "criteria": "cpe:2.3:a:opengear:opengear_console_server_firmware:2.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B73C1C3-096F-4D2C-879E-418E8EE6CB02"
          },
          {
            "criteria": "cpe:2.3:a:opengear:opengear_console_server_firmware:2.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2F3BF03-8317-4918-BB56-454C6763A98C"
          },
          {
            "criteria": "cpe:2.3:a:opengear:opengear_console_server_firmware:2.1.0u1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E170378-7AAB-4327-B3E8-BA950BBC17EB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:opengear:acm5000_console_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87CF7575-740B-42A7-B65B-8BBC8F950778"
          },
          {
            "criteria": "cpe:2.3:h:opengear:cm4000_console_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41AE0FC0-1715-4086-925F-9BB3218BDB69"
          },
          {
            "criteria": "cpe:2.3:h:opengear:im4004-5_console_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A95AD04A-6832-4EEE-9A38-96A324C15F45"
          },
          {
            "criteria": "cpe:2.3:h:opengear:im4200_console_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A0FBE41-1103-4444-9440-1BF0A9A9D1BB"
          },
          {
            "criteria": "cpe:2.3:h:opengear:img4000_console_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE4AC1B6-CC27-4AA6-8DD8-F2BB90F93AC6"
          },
          {
            "criteria": "cpe:2.3:h:opengear:kcs6000_rackside_console_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "99388420-B75A-4C94-A0FF-CA527358E635"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References