Vulnerabilities > CVE-2005-2984 - Unspecified vulnerability in Data Center Resources Avocent Ccm48502.1Firmware

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

data-center-resources

NVD

Published: 2005-09-20

Updated: 2017-07-11

Summary

Avocent CCM console server running firmware 2.1 CCM4850 allows remote authenticated attackers to bypass port restrictions by connecting to the server via SSH and using the connect command to access the serial port.

Vulnerable Configurations

Part	Description	Count
Hardware	Data_Center_Resources Data Center Resources Avocent Ccm4850_2.1_Firmware	1

References

http://drwetter.org/cs-probs/avocent-sshbug.txt
http://marc.info/?l=bugtraq&m=112680615103315&w=2
http://secunia.com/advisories/16836/
http://www.securityfocus.com/bid/14853
https://exchange.xforce.ibmcloud.com/vulnerabilities/22302