CVE Vulnerabilities

CVE-2014-9248

Published: Dec 15, 2014 | Modified: Mar 21, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Zenoss Core through 5 Beta 3 does not require complex passwords, which makes it easier for remote attackers to obtain access via a brute-force attack, aka ZEN-15406.

Affected Software

Name Vendor Start Version End Version
Zenoss_core Zenoss * 5.0.0 (including)
Zenoss_core Zenoss 2.4.0 (including) 2.4.0 (including)
Zenoss_core Zenoss 2.4.5 (including) 2.4.5 (including)
Zenoss_core Zenoss 2.5.0 (including) 2.5.0 (including)
Zenoss_core Zenoss 2.5.1 (including) 2.5.1 (including)
Zenoss_core Zenoss 2.5.2 (including) 2.5.2 (including)
Zenoss_core Zenoss 3.0.0 (including) 3.0.0 (including)
Zenoss_core Zenoss 3.0.1 (including) 3.0.1 (including)
Zenoss_core Zenoss 3.0.2 (including) 3.0.2 (including)
Zenoss_core Zenoss 3.0.3 (including) 3.0.3 (including)
Zenoss_core Zenoss 3.1.0 (including) 3.1.0 (including)
Zenoss_core Zenoss 3.2.0 (including) 3.2.0 (including)
Zenoss_core Zenoss 3.2.1 (including) 3.2.1 (including)
Zenoss_core Zenoss 4.2.0 (including) 4.2.0 (including)
Zenoss_core Zenoss 4.2.3 (including) 4.2.3 (including)
Zenoss_core Zenoss 4.2.4 (including) 4.2.4 (including)
Zenoss_core Zenoss 4.2.5 (including) 4.2.5 (including)
Zenoss_core Zenoss 5.0.0 (including) 5.0.0 (including)
Zenoss_core Zenoss 5.0.0-beta_1 (including) 5.0.0-beta_1 (including)
Zenoss_core Zenoss 5.0.0-beta_2 (including) 5.0.0-beta_2 (including)

References