Vulnerability Details CVE-2005-4326
The web interface for American Power Conversion (APC) PowerChute Network Shutdown performs all communication in cleartext (base64-encoded), which allows remote attackers to sniff authentication credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.1%
CVSS Severity
CVSS v2 Score 5.0
References
- http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=7330
- http://securitytracker.com/alerts/2005/Nov/1015250.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23183
- http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=7330
- http://securitytracker.com/alerts/2005/Nov/1015250.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23183
Products affected by CVE-2005-4326
-
cpe:2.3:a:apc:powerchute_network_shutdown:-
-
cpe:2.3:a:apc:powerchute_network_shutdown:3.0.0