Vulnerabilities > CVE-2005-4326 - Remote Security vulnerability in PowerChute Network Shutdown

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

apc

NVD

Published: 2005-12-17

Updated: 2017-07-20

Summary

The web interface for American Power Conversion (APC) PowerChute Network Shutdown performs all communication in cleartext (base64-encoded), which allows remote attackers to sniff authentication credentials.

Vulnerable Configurations

Part	Description	Count
Application	Apc APC Powerchute Network Shutdown *	1

References

http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=7330
http://securitytracker.com/alerts/2005/Nov/1015250.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/23183