Search criteria
4 vulnerabilities found for oas by apc
VAR-200712-0035
Vulnerability from variot - Updated: 2023-12-18 13:53The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits. APC Switched Rack PDUs (Power Distribution Units) are prone to an authentication-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access to affected devices. Successful exploits will allow attackers to control the power distribution to rack-mounted computer equipment. Attackers could leverage this to cause denial-of-service conditions and possibly physical damage. The following firmware versions running on PDU part number AP9732 are vulnerable: rpdu 3.5.5 aos 3.5.6 Other versions and devices may also be affected. A remote attacker bypasses authentication and gains registration access with the help of registration attempts from different customer usages
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200712-0035",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "oas",
"scope": "eq",
"trust": 1.9,
"vendor": "apc",
"version": "3.5.6"
},
{
"model": "switched rack pdu",
"scope": "eq",
"trust": 1.6,
"vendor": "apc",
"version": "3.5.5"
},
{
"model": "oas",
"scope": "eq",
"trust": 0.8,
"vendor": "schneider electric former name",
"version": "3.5.6"
},
{
"model": "switched rack pdu",
"scope": "eq",
"trust": 0.8,
"vendor": "schneider electric former name",
"version": "3.5.5"
},
{
"model": "rpdu",
"scope": "eq",
"trust": 0.3,
"vendor": "apc",
"version": "3.5.5"
}
],
"sources": [
{
"db": "BID",
"id": "26636"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002948"
},
{
"db": "NVD",
"id": "CVE-2007-6226"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-040"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apc:oas:3.5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apc:switched_rack_pdu_firmware:3.5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6226"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gary Simat of Total Server Solutions LLC and Randy Kent of Sevaa Group Inc are credited with the discovery of this issue.",
"sources": [
{
"db": "BID",
"id": "26636"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-040"
}
],
"trust": 0.9
},
"cve": "CVE-2007-6226",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-6226",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-29588",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-6226",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200712-040",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-29588",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-29588"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002948"
},
{
"db": "NVD",
"id": "CVE-2007-6226"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-040"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits. APC Switched Rack PDUs (Power Distribution Units) are prone to an authentication-bypass vulnerability. \nAttackers can exploit this issue to gain unauthorized access to affected devices. Successful exploits will allow attackers to control the power distribution to rack-mounted computer equipment. Attackers could leverage this to cause denial-of-service conditions and possibly physical damage. \nThe following firmware versions running on PDU part number AP9732 are vulnerable:\nrpdu 3.5.5\naos 3.5.6\nOther versions and devices may also be affected. A remote attacker bypasses authentication and gains registration access with the help of registration attempts from different customer usages",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-6226"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002948"
},
{
"db": "BID",
"id": "26636"
},
{
"db": "VULHUB",
"id": "VHN-29588"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-6226",
"trust": 2.8
},
{
"db": "BID",
"id": "26636",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1019018",
"trust": 1.7
},
{
"db": "SREASON",
"id": "3418",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002948",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200712-040",
"trust": 0.7
},
{
"db": "XF",
"id": "38783",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20071129 APC MANAGEMENT VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-29588",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-29588"
},
{
"db": "BID",
"id": "26636"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002948"
},
{
"db": "NVD",
"id": "CVE-2007-6226"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-040"
}
]
},
"id": "VAR-200712-0035",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-29588"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:53:57.398000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Switched Rack PDU",
"trust": 0.8,
"url": "http://www.apc.com/products/family/index.cfm?id=70"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002948"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-29588"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002948"
},
{
"db": "NVD",
"id": "CVE-2007-6226"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/26636"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1019018"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/3418"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/484363/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38783"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6226"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-6226"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/38783"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/484363/100/0/threaded"
},
{
"trust": 0.3,
"url": "http://www.apc.com/products/family/index.cfm?id=70"
},
{
"trust": 0.3,
"url": "/archive/1/484363"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-29588"
},
{
"db": "BID",
"id": "26636"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002948"
},
{
"db": "NVD",
"id": "CVE-2007-6226"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-040"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-29588"
},
{
"db": "BID",
"id": "26636"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002948"
},
{
"db": "NVD",
"id": "CVE-2007-6226"
},
{
"db": "CNNVD",
"id": "CNNVD-200712-040"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-12-04T00:00:00",
"db": "VULHUB",
"id": "VHN-29588"
},
{
"date": "2007-11-29T00:00:00",
"db": "BID",
"id": "26636"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002948"
},
{
"date": "2007-12-04T18:46:00",
"db": "NVD",
"id": "CVE-2007-6226"
},
{
"date": "2007-12-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200712-040"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-29588"
},
{
"date": "2008-03-13T02:21:00",
"db": "BID",
"id": "26636"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002948"
},
{
"date": "2018-10-15T21:51:20.653000",
"db": "NVD",
"id": "CVE-2007-6226"
},
{
"date": "2007-12-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200712-040"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200712-040"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "APC AP7932 0u 30amp Switched Rack PDU Vulnerable to login access",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002948"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200712-040"
}
],
"trust": 0.6
}
}
FKIE_CVE-2007-6226
Vulnerability from fkie_nvd - Published: 2007-12-04 18:46 - Updated: 2025-04-09 00:30
Severity ?
Summary
The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apc | oas | 3.5.6 | |
| apc | switched_rack_pdu_firmware | 3.5.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apc:oas:3.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E13B7C09-9C0B-4709-88D6-85B42B3A9CD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apc:switched_rack_pdu_firmware:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "96D6C17E-3012-404D-A122-F80A52AD268F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits."
},
{
"lang": "es",
"value": "La American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), con rpdu 3.5.5 y aos 3.5.6, permite a atacantes remotos evitar la validaci\u00f3n y obtener acceso de entrada haciendo un intento de entrada mientras un cliente diferente est\u00e1 entrando, y por la tanto reenviar el intento de entrada una vez que el otro cliente exista."
}
],
"id": "CVE-2007-6226",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-12-04T18:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3418"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019018"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/484363/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26636"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38783"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/484363/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38783"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2007-6226 (GCVE-0-2007-6226)
Vulnerability from cvelistv5 – Published: 2007-12-04 18:00 – Updated: 2024-08-07 15:54
VLAI?
Summary
The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:27.182Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1019018",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019018"
},
{
"name": "20071129 APC Management Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/484363/100/0/threaded"
},
{
"name": "3418",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3418"
},
{
"name": "apc-pdu-unspecified-security-bypass(38783)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38783"
},
{
"name": "26636",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26636"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1019018",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019018"
},
{
"name": "20071129 APC Management Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/484363/100/0/threaded"
},
{
"name": "3418",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3418"
},
{
"name": "apc-pdu-unspecified-security-bypass(38783)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38783"
},
{
"name": "26636",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26636"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1019018",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019018"
},
{
"name": "20071129 APC Management Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484363/100/0/threaded"
},
{
"name": "3418",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3418"
},
{
"name": "apc-pdu-unspecified-security-bypass(38783)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38783"
},
{
"name": "26636",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26636"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6226",
"datePublished": "2007-12-04T18:00:00",
"dateReserved": "2007-12-04T00:00:00",
"dateUpdated": "2024-08-07T15:54:27.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6226 (GCVE-0-2007-6226)
Vulnerability from nvd – Published: 2007-12-04 18:00 – Updated: 2024-08-07 15:54
VLAI?
Summary
The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:27.182Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1019018",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019018"
},
{
"name": "20071129 APC Management Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/484363/100/0/threaded"
},
{
"name": "3418",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3418"
},
{
"name": "apc-pdu-unspecified-security-bypass(38783)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38783"
},
{
"name": "26636",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26636"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1019018",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019018"
},
{
"name": "20071129 APC Management Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/484363/100/0/threaded"
},
{
"name": "3418",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3418"
},
{
"name": "apc-pdu-unspecified-security-bypass(38783)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38783"
},
{
"name": "26636",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26636"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1019018",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019018"
},
{
"name": "20071129 APC Management Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484363/100/0/threaded"
},
{
"name": "3418",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3418"
},
{
"name": "apc-pdu-unspecified-security-bypass(38783)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38783"
},
{
"name": "26636",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26636"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6226",
"datePublished": "2007-12-04T18:00:00",
"dateReserved": "2007-12-04T00:00:00",
"dateUpdated": "2024-08-07T15:54:27.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}