Vulnerabilities > CVE-2000-1242 - Unspecified vulnerability in APC Powerchute

CVSS 9.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

apc

critical

NVD

Published: 2000-12-31

Updated: 2008-09-05

Summary

The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system access.

Vulnerable Configurations

Part	Description	Count
Application	Apc APC Powerchute *	1

References

http://governmentsecurity.org/articles/DefaultLoginsandPasswordsforNetworkedDevices.php
http://www.osvdb.org/30768