VAR-200712-0035

Vulnerability from variot - Updated: 2023-12-18 13:53

The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits. APC Switched Rack PDUs (Power Distribution Units) are prone to an authentication-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access to affected devices. Successful exploits will allow attackers to control the power distribution to rack-mounted computer equipment. Attackers could leverage this to cause denial-of-service conditions and possibly physical damage. The following firmware versions running on PDU part number AP9732 are vulnerable: rpdu 3.5.5 and aos 3.5.6. Other versions and devices may also be affected. A remote attacker can bypass authentication and gain login access by making a login attempt while a different client is logged in.


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200712-0035",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "oas",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apc",
        "version": "3.5.6"
      },
      {
        "model": "switched rack pdu",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apc",
        "version": "3.5.5"
      },
      {
        "model": "oas",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "schneider electric former name",
        "version": "3.5.6"
      },
      {
        "model": "switched rack pdu",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "schneider electric former name",
        "version": "3.5.5"
      },
      {
        "model": "rpdu",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apc",
        "version": "3.5.5"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "26636"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002948"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-6226"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-040"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apc:oas:3.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apc:switched_rack_pdu_firmware:3.5.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-6226"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Gary Simat of Total Server Solutions LLC and Randy Kent of Sevaa Group Inc are credited with the discovery of this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "26636"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-040"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2007-6226",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.1,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2007-6226",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-29588",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2007-6226",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200712-040",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-29588",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29588"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002948"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-6226"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-040"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits. APC Switched Rack PDUs (Power Distribution Units) are prone to an authentication-bypass vulnerability. \nAttackers can exploit this issue to gain unauthorized access to affected devices. Successful exploits will allow attackers to control the power distribution to rack-mounted computer equipment. Attackers could leverage this to cause denial-of-service conditions and possibly physical damage. \nThe following firmware versions running on PDU part number AP9732 are vulnerable:\nrpdu 3.5.5\naos 3.5.6\nOther versions and devices may also be affected. A remote attacker bypasses authentication and gains registration access with the help of registration attempts from different customer usages",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-6226"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002948"
      },
      {
        "db": "BID",
        "id": "26636"
      },
      {
        "db": "VULHUB",
        "id": "VHN-29588"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2007-6226",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "26636",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1019018",
        "trust": 1.7
      },
      {
        "db": "SREASON",
        "id": "3418",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002948",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-040",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "38783",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20071129 APC MANAGEMENT VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-29588",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29588"
      },
      {
        "db": "BID",
        "id": "26636"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002948"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-6226"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-040"
      }
    ]
  },
  "id": "VAR-200712-0035",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29588"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:53:57.398000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Switched Rack PDU",
        "trust": 0.8,
        "url": "http://www.apc.com/products/family/index.cfm?id=70"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002948"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29588"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002948"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-6226"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/26636"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1019018"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/3418"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/484363/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38783"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-6226"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-6226"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/38783"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/484363/100/0/threaded"
      },
      {
        "trust": 0.3,
        "url": "http://www.apc.com/products/family/index.cfm?id=70"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/484363"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-29588"
      },
      {
        "db": "BID",
        "id": "26636"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002948"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-6226"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-040"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-29588"
      },
      {
        "db": "BID",
        "id": "26636"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002948"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-6226"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-040"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-12-04T00:00:00",
        "db": "VULHUB",
        "id": "VHN-29588"
      },
      {
        "date": "2007-11-29T00:00:00",
        "db": "BID",
        "id": "26636"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-002948"
      },
      {
        "date": "2007-12-04T18:46:00",
        "db": "NVD",
        "id": "CVE-2007-6226"
      },
      {
        "date": "2007-12-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200712-040"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-29588"
      },
      {
        "date": "2008-03-13T02:21:00",
        "db": "BID",
        "id": "26636"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-002948"
      },
      {
        "date": "2018-10-15T21:51:20.653000",
        "db": "NVD",
        "id": "CVE-2007-6226"
      },
      {
        "date": "2007-12-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200712-040"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-040"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "APC AP7932 0u 30amp Switched Rack PDU Vulnerable to login access",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002948"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200712-040"
      }
    ],
    "trust": 0.6
  }
}

