CVE-2007-6226
Summary
| CVE | CVE-2007-6226 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-12-04 18:46:00 UTC |
| Updated | 2026-04-23 00:35:47 UTC |
| Description | The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
MediumAuthentication
NoneConfidentiality
NoneIntegrity
NoneAvailability
CompleteAV:N/AC:M/Au:N/C:N/I:N/A:C
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apc | Oas | 3.5.6 | All | All | All |
| Application | Apc | Switched Rack Pdu Firmware | 3.5.5 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| APC Management Vulnerability - CXSecurity.com | af854a3a-2127-422b-91ae-364da2661108 | securityreason.com | |
| SecurityTracker.com Archives - APC Switched Rack Power Distribution Units Grant Access to Remote Users | af854a3a-2127-422b-91ae-364da2661108 | securitytracker.com | |
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| APC Switched Rack PDU Authentication Bypass Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| SecurityFocus | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.