QwikSec

Security Database

CVE

CWE

Training

CVE-2013-2352

Published: Jul 10, 2013

Modified: Sep 16, 2024

PUBLISHED

Description

LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mechanism for disabling the HP Support challenge-response root-login feature, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of an unused one-time password.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_HP

http://www.theregister.co.uk/2013/07/09/hp_storage_more_possible_backdoors/

x_refsource_MISC

vendor-advisory

x_refsource_HP

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.