CVE-2006-0248

Virata-EmWeb web server 6_1_0, as used in (1) Intracom JetSpeed 500 and 520 and (2) Allied Data Technologies CopperJet 811 RouterPlus, allows remote attackers to access privileged information, such as user lists and configuration settings, via direct HTTP requests.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://blog.globalnetworks.gr/?p=4
http://secunia.com/advisories/18483	Vendor Advisory
http://www.vupen.com/english/advisories/2006/0218
https://exchange.xforce.ibmcloud.com/vulnerabilities/24304
http://blog.globalnetworks.gr/?p=4
http://secunia.com/advisories/18483	Vendor Advisory
http://www.vupen.com/english/advisories/2006/0218
https://exchange.xforce.ibmcloud.com/vulnerabilities/24304

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:intracom:jetspeed:500:::::::*
	cpe:2.3:a:intracom:jetspeed:520:::::::*

History

21 Nov 2024, 00:06

Type	Values Removed	Values Added
References	~~() http://blog.globalnetworks.gr/?p=4 -~~	() http://blog.globalnetworks.gr/?p=4 -
References	~~() http://secunia.com/advisories/18483 - Vendor Advisory~~	() http://secunia.com/advisories/18483 - Vendor Advisory
References	~~() http://www.vupen.com/english/advisories/2006/0218 -~~	() http://www.vupen.com/english/advisories/2006/0218 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/24304 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/24304 -

Information

Published : 2006-01-18 01:51

Updated : 2025-04-03 01:03

NVD link : CVE-2006-0248

Mitre link : CVE-2006-0248

CVE.ORG link : CVE-2006-0248

JSON object : View

Products Affected

intracom

jetspeed

CWE

NVD-CWE-Other

{"id": "CVE-2006-0248", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-01-18T01:51:00.000", "references": [{"url": "http://blog.globalnetworks.gr/?p=4", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/18483", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/0218", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24304", "source": "cve@mitre.org"}, {"url": "http://blog.globalnetworks.gr/?p=4", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/18483", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/0218", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24304", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Virata-EmWeb web server 6_1_0, as used in (1) Intracom JetSpeed 500 and 520 and (2) Allied Data Technologies CopperJet 811 RouterPlus, allows remote attackers to access privileged information, such as user lists and configuration settings, via direct HTTP requests."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intracom:jetspeed:500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "367C6B60-923D-46EB-A0DE-374FD61181BE"}, {"criteria": "cpe:2.3:a:intracom:jetspeed:520:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FF5649E-290A-42C0-B89A-792577AB58DB"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}