CVE-2012-4362

Published: Aug 20, 2012Modified: Apr 29, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:N/I:P/A:N

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838.

Affected (1)

Products: Hp: San/iq

1 product

San/iq

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp San/iq	Version 9.5

Running on/with	Platform Versions
Hp Virtual San Appliance	All versions

Related CWEs

CWE-255

References (6)

http://www.exploit-db.com/exploits/18893/

Source: cve@mitre.org

Exploit

http://www.exploit-db.com/exploits/18901/

Source: cve@mitre.org

Exploit

http://www.kb.cert.org/vuls/id/441363

Source: cve@mitre.org

US Government Resource

http://www.exploit-db.com/exploits/18893/

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.exploit-db.com/exploits/18901/

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.kb.cert.org/vuls/id/441363

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

Timeline

No history available yet.