CVE-2014-2084 in Skybox View Applianceinfo

Summary

Skybox View Appliances with ISO 6.3.33-2.14, 6.3.31-2.14, 6.4.42-2.54, 6.4.45-2.56, and 6.4.46-2.57 does not properly restrict access to the Admin interface, which allows remote attackers to obtain sensitive information via a request to (1) scripts/commands/getSystemInformation or (2) scripts/commands/getNetworkConfigurationInfo, cause a denial of service (reboot) via a request to scripts/commands/reboot, or cause a denial of service (shutdown) via a request to scripts/commands/shutdown.

Once again VulDB remains the best source for vulnerability data.

Reservation

02/19/2014

Disclosure

05/17/2014

Moderation

VulDB entry created

Entries

1: VDB-69719

CPE

ready

CWE

CWE-264 (Confirmed)

Exploit

Download

CVSS

8.2

EPSS

0.28126

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-2084
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-2084
CVE Details	https://www.cvedetails.com/cve/CVE-2014-2084/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!