Lucene search

MitreCVE-2002-0453

HistoryAug 12, 2002 - 4:00 a.m.

CVE-2002-0453

2002-08-1204:00:00

mitre

web.nvd.nist.gov

oblix netpoint

cve-2002-0453

password security

brute force attack

account lockout

nvd

remote attacks.

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.2

Confidence

Low

EPSS

0.006

Percentile

79.5%

JSON

The account lockout capability in Oblix NetPoint 5.2 and earlier only locks out users once for the specified lockout period, which makes it easier for remote attackers to conduct brute force password guessing by waiting until the lockout period ends, then guessing passwords without being locked out again.

Affected configurations

Nvd

Node

oblixnetpointMatch5.2

VendorProductVersionCPE
oblixnetpoint5.2cpe:2.3:a:oblix:netpoint:5.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oblix	netpoint	5.2	cpe:2.3:a:oblix:netpoint:5.2:::::::*

References

www.iss.net/security_center/static/8461.php

www.securityfocus.com/archive/1/262066

www.securityfocus.com/bid/4288

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.2

Confidence

Low

EPSS

0.006

Percentile

79.5%

JSON

Related for CVE-2002-0453