Vulnerabilities > CVE-2007-4598 - Credentials Management vulnerability in IBM Surepos 500
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
IBM SurePOS 500 has (1) a default password of "12345" for the manager and (2) blank default passwords for operator accounts.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 1 |
Common Weakness Enumeration (CWE)
References
- http://isc.sans.org/diary.html?storyid=3323
- http://isc.sans.org/diary.html?storyid=3323
- http://osvdb.org/45835
- http://osvdb.org/45835
- http://www.collegeid.com/SurePOS%20500%20Manual.pdf
- http://www.collegeid.com/SurePOS%20500%20Manual.pdf
- http://www.hackerfactor.com/papers/cc-pos-20.pdf
- http://www.hackerfactor.com/papers/cc-pos-20.pdf