CVE-2006-0993

high

Description

The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/26338

http://www.zerodayinitiative.com/advisories/ZDI-06-013.html

http://www.vupen.com/english/advisories/2006/1752

http://www.securityfocus.com/bid/17935

http://www.securityfocus.com/archive/1/433432/100/0/threaded

http://www.osvdb.org/25360

http://www.3com.com/securityalert/alerts/3COM-06-002.html

http://securitytracker.com/id?1016051

http://securityreason.com/securityalert/870

http://secunia.com/advisories/20058

Details

Source: Mitre, NVD

Published: 2006-05-10

Updated: 2026-04-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00815

Detections

Analytics