Vulnerability Details CVE-2015-3959
The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches has a hardcoded serial-console password for a privileged account, which might allow physically proximate attackers to obtain access by establishing a console session to a nonstandard installation on which this account is enabled, and leveraging knowledge of this password.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.2%
CVSS Severity
CVSS v2 Score 7.2
Products affected by CVE-2015-3959
-
cpe:2.3:o:garrettcom:magnum_10k_firmware:*
-
cpe:2.3:o:garrettcom:magnum_6k_firmware:*