CVE-2011-0756 : The application server in Trustwave WebDefend Enterprise before 5.0 uses hardcoded console credentials, which makes it e

The application server in Trustwave WebDefend Enterprise before 5.0 uses hardcoded console credentials, which makes it easier for remote attackers to read security-event data by using the remote console GUI to connect to the management port.

Published 2011-05-05 02:39:46

Updated 2011-05-31 04:00:00

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2011-0756

Probability of exploitation activity in the next 30 days: 0.33%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 70 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2011-0756

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2011-0756

CWE-255

Assigned by: nvd@nist.gov (Primary)

References for CVE-2011-0756

http://securitytracker.com/id?1025447

Trustwave WebDefend Enterprise Default Credentials Let Remote Users Access the Device - SecurityTracker

CVEs referencing this url
https://www.trustwave.com/spiderlabs/advisories/TWSL2011-001.txt

404 Not Found | Trustwave
Vendor Advisory

CVEs referencing this url

Products affected by CVE-2011-0756

Trustwave » Webdefend » Enterprise Edition
Versions up to, including, (<=) 3.0
cpe:2.3:h:trustwave:webdefend:*:*:enterprise:*:*:*:*:*
Matching versions
Trustwave » Webdefend » Version: 2.0 Enterprise Edition
cpe:2.3:h:trustwave:webdefend:2.0:*:enterprise:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2011-0756

Exploit prediction scoring system (EPSS) score for CVE-2011-0756

CVSS scores for CVE-2011-0756

CWE ids for CVE-2011-0756

References for CVE-2011-0756

Products affected by CVE-2011-0756