Vulnerabilities > CVE-2002-0250 - Unspecified vulnerability in HP products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

exploit available

NVD

Published: 2002-05-29

Updated: 2024-11-20

Summary

Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password.

Vulnerable Configurations

Part	Description	Count
Hardware	Hp HP Advancestack 10Base T Switching HUB J3210A A.03.07 HP Advancestack 10Base T Switching HUB J3201A A.03.07 HP Advancestack 10Base T Switching HUB J3204A A.03.07 HP Advancestack 10Base T Switching HUB J3202A A.03.07 HP Advancestack 10Base T Switching HUB J3205A A.03.07 HP Advancestack 10Base T Switching HUB J3203A A.03.07 HP Advancestack 10Base T Switching HUB J3200A A.03.07	7

Exploit-Db

description	HP AdvanceStack Switch Authentication Bypass Vulnerability. CVE-2002-0250 . Remote exploit for hardware platform
id	EDB-ID:21285
last seen	2016-02-02
modified	2002-02-08
published	2002-02-08
reporter	Tamer Sahin
source	https://www.exploit-db.com/download/21285/
title	HP AdvanceStack Switch Authentication Bypass Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References