Vulnerabilities > CVE-2004-1970 - Authentication Bypass vulnerability in Samsung SmartEther Switch Firmware

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

securecomputing

NVD

Published: 2004-04-26

Updated: 2017-07-11

Summary

Samsung SmartEther SS6215S switch, and possibly other Samsung switches, allows remote attackers and local users to gain administrative access by providing the admin username followed by a password that is the maximum allowed length, then pressing the enter key after the resulting error message.

Vulnerable Configurations

Part	Description	Count
Hardware	Securecomputing Securecomputing Smartether Ss6215S Switch *	1

References

http://marc.info/?l=bugtraq&m=108300407424571&w=2
http://www.securityfocus.com/bid/10219
https://exchange.xforce.ibmcloud.com/vulnerabilities/15973