Posted by Martin Jartelius on Feb 03

Vulnerabilities

—————

CVSS 10 – INSECURE CREDENTIAL STORAGE (Pass the Hash) CVE-2015-7914

CVSS 10 – INSECURE TRANSMISSION OF CREDENTIALS CVE-2015-7915

CVSS 7.4 – CROSS-SITE SCRIPTING CVE-2015-7916

Other risk exposures

—————

Undocumented default accounts

Note that default accounts with changeable passwords, even when those
are undocumented and do not look as user accounts neither in interface
or documentation,…