Summary
Skybox Security Appliance is prone to multiple information-disclosure vulnerabilities.
Impact
This would allow the malicious party to read system-related information such as interface names, IP addresses and the appliance status.
Solution
Please refer to the vendor security advisor: Security Advisory 2014-3-25-1
Insight
A vulnerability has been found in some Skybox View Appliances' Admin interfaces which would allow a potential malicious party to bypass the authentication mechanism and obtain read-only access to the appliance's administrative menus.
Affected
Skybox View Appliances with ISO versions: 6.3.33-2.14, 6.3.31-2.14, 6.4.42-2.54, 6.4.45-2.56, 6.4.46-2.57
Detection
Send a HTTP GET request and check the response.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-2084 -
CVSS Base Score: 8.5
AV:N/AC:L/Au:N/C:P/I:N/A:C
Related Vulnerabilities