Breakingpointsystems: Security Vulnerabilities
The BreakingPoint Storm appliance before 3.0 requires cleartext credentials for establishing a session from a GUI administrative client, which allows remote attackers to obtain sensitive information by sniffing the network for XML documents.
CVSS Score
5.0
EPSS Score
0.006
Published
2012-08-12
The administrative interface in the embedded web server on the BreakingPoint Storm appliance before 3.0 does not require authentication for the gwt/BugReport script, which allows remote attackers to obtain sensitive information by downloading a .tgz file.
CVSS Score
5.0
EPSS Score
0.005
Published
2012-08-12