Vulnerability Details : CVE-2005-2027
Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 does not properly restrict certain debugging commands to the ADMIN account, which could allow attackers to obtain sensitive information or modify the registry.
Exploit prediction scoring system (EPSS) score for CVE-2005-2027
Probability of exploitation activity in the next 30 days: 0.21%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 58 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2005-2027
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2005-2027
-
http://www.enterasys.com/support/relnotes/VH-4802-2050509-patch-rel.pdf
Patch;Vendor Advisory
Products affected by CVE-2005-2027
- cpe:2.3:h:enterasys:vertical_horizon-2402s:2.05.09.07:*:*:*:*:*:*:*
- cpe:2.3:h:enterasys:vertical_horizon-2402s:2.05.00:*:*:*:*:*:*:*
- cpe:2.3:h:enterasys:vertical_horizon-2402s:2.05.08.01:*:*:*:*:*:*:*