Vulnerabilities > CVE-2014-2950 - Unauthorized Access vulnerability in Datum Systems PSM-4500 and PSM-500 Series
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
NONE Availability impact
NONE Summary
Datum Systems SnIP on PSM-500 and PSM-4500 devices does not require authentication for FTP sessions, which allows remote attackers to obtain sensitive information via RETR commands. <a href="http://cwe.mitre.org/data/definitions/220.html" target="_blank">CWE-220: Sensitive Data Under FTP Root</a>
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 |