|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-12-21 | |
| Rule Name: | APC SmartSlot Smart Card Default Password Disclosure Vulnerability (CVE-2004-0311) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | American Power Conversion (APC) Web/SNMP Management SmartSlot Card 3.0 through 3.0.3 and 3.21 are shipped with a default password of TENmanUFactOryPOWER, which allows remote attackers to gain unauthorized access. | |
| Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | SecurityFocusBID:9681 http://marc.info/?l=bugtraq&m=107703696631367&w=2 http://marc.info/?l=bugtraq&m=107721020803565&w=2 http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=3131&p_created=1077139129 |
|
| Solutions |
|---|
| The vendor has released upgrade patches to fix vulnerabilities, please visit: * 关闭Telnet服务,通过WEB接口管理telnet服务,必须在设备重新启动后才关闭。厂商补丁:APC---目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:. |