Lucene search

[email protected]CVE-2001-0056

HistoryMay 07, 2001 - 4:00 a.m.

CVE-2001-0056

2001-05-0704:00:00

[email protected]

web.nvd.nist.gov

cisco

cbos 2.4.1

web management

routers

invalid login

no log

cve-2001-0056

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.3%

JSON

The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection.

Affected configurations

NVD

Node

ciscobroadband_operating_systemRange≤2.4.1

CPENameOperatorVersion
cisco:broadband_operating_systemcisco broadband operating systemle2.4.1

CPE	Name	Operator	Version
cisco:broadband_operating_system	cisco broadband operating system	le	2.4.1

References

www.cisco.com/warp/public/707/CBOS-multiple.shtml

exchange.xforce.ibmcloud.com/vulnerabilities/5628

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.3%

JSON

Related for CVE-2001-0056

nvd1 cvelist1