Vulnerability Details : CVE-2013-2342
The HP StoreOnce D2D backup system with software before 3.0.0 has a default password of badg3r5 for the HPSupport account, which allows remote attackers to obtain administrative access and delete data via an SSH session.
Exploit prediction scoring system (EPSS) score for CVE-2013-2342
Probability of exploitation activity in the next 30 days: 0.12%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 45 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2013-2342
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.7
|
HIGH | AV:A/AC:L/Au:S/C:C/I:C/A:C |
5.1
|
10.0
|
NIST |
CWE ids for CVE-2013-2342
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-2342
-
http://www.lolware.net/hpstorage.html
HP D2D / Storeonce Backdoor
-
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03813919
HP Support for Technical Help and Troubleshooting | HP® Customer Service.Vendor Advisory
Products affected by CVE-2013-2342
- cpe:2.3:a:hp:storeonce_d2d:*:*:*:*:*:*:*:*
- cpe:2.3:a:hp:storeonce_d2d:2.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:hp:storeonce_d2d:2.2.00:*:*:*:*:*:*:*
- cpe:2.3:a:hp:storeonce_d2d:2.2.16:*:*:*:*:*:*:*
- cpe:2.3:a:hp:storeonce_d2d:2.2.14:*:*:*:*:*:*:*
- cpe:2.3:a:hp:storeonce_d2d:2.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:hp:storeonce_d2d:2.1.01:*:*:*:*:*:*:*