Skybox View Appliances with ISO 6.3.33-2.14, 6.3.31-2.14, 6.4.42-2.54, 6.4.45-2.56, and 6.4.46-2.57 does not properly restrict access to the Admin interface, which allows remote attackers to obtain sensitive information via a request to (1) scripts/commands/getSystemInformation or (2) scripts/commands/getNetworkConfigurationInfo, cause a denial of service (reboot) via a request to scripts/commands/reboot, or cause a denial of service (shutdown) via a request to scripts/commands/shutdown.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2014-05-17 12:55
Updated : 2014-06-12 21:54
NVD link : CVE-2014-2084
Mitre link : CVE-2014-2084
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
skyboxsecurity
- skybox_view_appliance
- skybox_view_appliance_iso