Vulnerabilities > Breakingpointsystems
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-08-12 | CVE-2012-2964 | Improper Input Validation vulnerability in Breakingpointsystems products The BreakingPoint Storm appliance before 3.0 requires cleartext credentials for establishing a session from a GUI administrative client, which allows remote attackers to obtain sensitive information by sniffing the network for XML documents. | 5.0 |
2012-08-12 | CVE-2012-2963 | Improper Authentication vulnerability in Breakingpointsystems products The administrative interface in the embedded web server on the BreakingPoint Storm appliance before 3.0 does not require authentication for the gwt/BugReport script, which allows remote attackers to obtain sensitive information by downloading a .tgz file. | 5.0 |