Vulnerability Details CVE-2012-2963
The administrative interface in the embedded web server on the BreakingPoint Storm appliance before 3.0 does not require authentication for the gwt/BugReport script, which allows remote attackers to obtain sensitive information by downloading a .tgz file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.7%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2012-2963
-
cpe:2.3:h:breakingpointsystems:breakingpoint_storm_appliance:-
-
cpe:2.3:o:breakingpointsystems:breakingpoint_storm_appliance_ctm:1.2
-
cpe:2.3:o:breakingpointsystems:breakingpoint_storm_appliance_ctm:1.4
-
cpe:2.3:o:breakingpointsystems:breakingpoint_storm_appliance_ctm:1.5
-
cpe:2.3:o:breakingpointsystems:breakingpoint_storm_appliance_ctm:2.0