Remote Administration Vulnerability in HP Procurve 4000M Switch
CVE-2002-1147

Currently unrated

Key Information:

Vendor: HP
Status: Procurve Switch 4000m
Vendor: CVE Published:; 11 October 2002

What is CVE-2002-1147?

The HTTP administration interface for the HP Procurve 4000M Switch firmware prior to version C.09.16 contains a significant vulnerability. This flaw allows remote attackers to send unauthenticated requests specifically to reset the device, potentially leading to a denial of service. If remote administration is enabled along with the device stacking features, it exacerbates the risk, as attackers can exploit this weakness through direct requests to the device_reset CGI program, effectively disrupting network operations.

References

http://www.tech-serve.com/research/advisories/2002/a09230...

x_refsource_MISC

http://marc.info/?l=bugtraq&m=103287951910420&w=2

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/10172.php

vdb-entryx_refsource_XF

EPSS Score

5% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 11, 2002
Vulnerability Reserved
Sep 24, 2002