Vulnerability Details CVE-2006-0993
The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.6%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/20058
- http://securityreason.com/securityalert/870
- http://securitytracker.com/id?1016051
- http://www.3com.com/securityalert/alerts/3COM-06-002.html
- http://www.osvdb.org/25360
- http://www.securityfocus.com/archive/1/433432/100/0/threaded
- http://www.securityfocus.com/bid/17935
- http://www.vupen.com/english/advisories/2006/1752
- http://www.zerodayinitiative.com/advisories/ZDI-06-013.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26338
- http://secunia.com/advisories/20058
- http://securityreason.com/securityalert/870
- http://securitytracker.com/id?1016051
- http://www.3com.com/securityalert/alerts/3COM-06-002.html
- http://www.osvdb.org/25360
- http://www.securityfocus.com/archive/1/433432/100/0/threaded
- http://www.securityfocus.com/bid/17935
- http://www.vupen.com/english/advisories/2006/1752
- http://www.zerodayinitiative.com/advisories/ZDI-06-013.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26338
Products affected by CVE-2006-0993
-
cpe:2.3:h:3com:tippingpoint_sms_server:-
-
cpe:2.3:h:3com:tippingpoint_sms_server:2.2.1.4477