Details of VAR-200412-0888

ID

VAR-200412-0888

CVE

CVE-2004-1321

TITLE

Asante FM Get unauthorized access vulnerabilities

Trust: 0.6

sources: CNNVD: CNNVD-200412-071

DESCRIPTION

The configuration backup in Asante FM2008 running firmware 1.06 stores the username and password in cleartext, which could allow remote attackers to gain unauthorized access. FM2008 Managed Ethernet Switch is prone to a remote security vulnerability

Trust: 1.26

sources: NVD: CVE-2004-1321 // BID: 90473 // VULHUB: VHN-9751

AFFECTED PRODUCTS

vendor:

asante

model:

fm2008 managed ethernet switch

scope:

version:

1.6

Trust: 1.9

sources: BID: 90473 // CNNVD: CNNVD-200412-071 // NVD: CVE-2004-1321

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2004-1321
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200412-071
value:	HIGH
Trust: 0.6
VULHUB:	VHN-9751
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2004-1321
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-9751
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-9751 // CNNVD: CNNVD-200412-071 // NVD: CVE-2004-1321

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-1321

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200412-071

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200412-071

EXTERNAL IDS

db:	NVD	id:	CVE-2004-1321	Trust: 2.0
db:	CNNVD	id:	CNNVD-200412-071	Trust: 0.7
db:	BUGTRAQ	id:	20041215 ASANTE FM2008 10/100 ETHERNET SWITCH BACKDOOR LOGIN	Trust: 0.6
db:	BID	id:	90473	Trust: 0.4
db:	VULHUB	id:	VHN-9751	Trust: 0.1

sources: VULHUB: VHN-9751 // BID: 90473 // CNNVD: CNNVD-200412-071 // NVD: CVE-2004-1321

REFERENCES

url:	http://marc.info/?l=bugtraq&m=110312733624864&w=2	Trust: 1.0
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=110312733624864&w=2	Trust: 0.9
url:	http://marc.info/?l=bugtraq&m=110312733624864&w=2	Trust: 0.1

sources: VULHUB: VHN-9751 // BID: 90473 // CNNVD: CNNVD-200412-071 // NVD: CVE-2004-1321

CREDITS

Unknown

Trust: 0.3

sources: BID: 90473

SOURCES

db:	VULHUB	id:	VHN-9751
db:	BID	id:	90473
db:	CNNVD	id:	CNNVD-200412-071
db:	NVD	id:	CVE-2004-1321

LAST UPDATE DATE

2024-08-14T13:03:50.870000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-9751	date:	2016-10-18T00:00:00
db:	BID	id:	90473	date:	2004-12-15T00:00:00
db:	CNNVD	id:	CNNVD-200412-071	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2004-1321	date:	2016-10-18T02:53:09.053

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-9751	date:	2004-12-15T00:00:00
db:	BID	id:	90473	date:	2004-12-15T00:00:00
db:	CNNVD	id:	CNNVD-200412-071	date:	2004-12-15T00:00:00
db:	NVD	id:	CVE-2004-1321	date:	2004-12-15T05:00:00