Lucene search

[email protected]CVE-2000-0434

HistoryMay 13, 2000 - 4:00 a.m.

CVE-2000-0434

2000-05-1304:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2000-0434

allmanage

web administration

plaintext password

remote attack

nvd

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.5%

JSON

The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers.

CPENameOperatorVersion
matthew_redman:allmanagematthew redman allmanageeq2.6

CPE	Name	Operator	Version
matthew_redman:allmanage	matthew redman allmanage	eq	2.6

References

archives.neohapsis.com/archives/bugtraq/2000-05/0167.html

www.securityfocus.com/bid/1217

7.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.5%

JSON