Vulnerability Details : CVE-2004-2691
Public exploit exists!
Unspecified vulnerability in 3Com SuperStack 3 4400 switches with firmware version before 3.31 allows remote attackers to cause a denial of service (device reset) via a crafted request to the web management interface. NOTE: the provenance of this information is unknown; details are obtained from third party reports.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2004-2691
Probability of exploitation activity in the next 30 days: 96.44%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2004-2691
-
3Com SuperStack Switch Denial of Service
Disclosure Date: 2004-06-24First seen: 2020-04-26auxiliary/dos/http/3com_superstack_switchThis module causes a temporary denial of service condition against 3Com SuperStack switches. By sending excessive data to the HTTP Management interface, the switch stops responding temporarily. The device does not reset. Tested successfully against a 3300SM f
CVSS scores for CVE-2004-2691
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.1
|
HIGH | AV:N/AC:M/Au:N/C:N/I:N/A:C |
8.6
|
6.9
|
NIST |
References for CVE-2004-2691
Products affected by CVE-2004-2691
- cpe:2.3:h:3com:3c17205-us:*:firmware_3.30:*:*:*:*:*:*
- cpe:2.3:h:3com:3c17210-us:*:firmware_3.30:*:*:*:*:*:*
- cpe:2.3:h:3com:superstack_3_switch:4400:firmware_3.30:*:*:*:*:*:*
- cpe:2.3:h:3com:superstack_3_switch:4400_se:firmware_3.30:*:*:*:*:*:*