CVE-2012-2964

BreakingPoint Storm <3.0 - Info Disclosure

Title source: llm
STIX 2.1

Description

The BreakingPoint Storm appliance before 3.0 requires cleartext credentials for establishing a session from a GUI administrative client, which allows remote attackers to obtain sensitive information by sniffing the network for XML documents.

References (3)

Core 3
Core References
US Government Resource x_refsource_confirm
http://www.kb.cert.org/vuls/id/MAPG-8GANCC
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/520430

Scores

EPSS 0.0177
EPSS Percentile 75.5%

Details

CWE
CWE-20
Status published
Products (5)
breakingpointsystems/breakingpoint_storm_appliance
breakingpointsystems/breakingpoint_storm_appliance_ctm 1.2
breakingpointsystems/breakingpoint_storm_appliance_ctm 1.4
breakingpointsystems/breakingpoint_storm_appliance_ctm 1.5
breakingpointsystems/breakingpoint_storm_appliance_ctm < 2.0
Published Aug 12, 2012
Tracked Since Feb 18, 2026