CVE-2007-6226

Published: Dec 4, 2007Modified: Apr 23, 2026

7.1

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability: 8.6 / Impact: 6.9

Source: NVD

Description

The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU), with rpdu 3.5.5 and aos 3.5.6, allows remote attackers to bypass authentication and obtain login access by making a login attempt while a different client is logged in, and then resubmitting the login attempt once the other client exits.

Affected (2)

Products: Apc: Oas, Switched Rack Pdu Firmware

2 products

Switched Rack Pdu Firmware

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Apc Oas	Version 3.5.6
Apc Switched Rack Pdu Firmware	Version 3.5.5

Related CWEs

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (10)

http://securityreason.com/securityalert/3418

Source: cve@mitre.org

http://securitytracker.com/id?1019018

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/484363/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/26636

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/38783

Source: cve@mitre.org

http://securityreason.com/securityalert/3418

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1019018

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/484363/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/26636

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/38783

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.