Lucene search

K
cve[email protected]CVE-2002-0507
HistoryAug 12, 2002 - 4:00 a.m.

CVE-2002-0507

2002-08-1204:00:00
CWE-287
web.nvd.nist.gov
32
microsoft
owa
rsa securid
authentication bypass
vulnerability
cve-2002-0507
nvd

7.1 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.043 Low

EPSS

Percentile

92.3%

An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually accepted by OWA.

Affected configurations

NVD
Node
microsoftexchange_serverMatch5.5-
OR
microsoftexchange_serverMatch5.5sp1
OR
microsoftexchange_serverMatch5.5sp2
OR
microsoftexchange_serverMatch5.5sp3
OR
microsoftexchange_serverMatch5.5sp4
OR
microsoftexchange_serverMatch2000-
OR
microsoftexchange_serverMatch2000sp1
OR
microsoftexchange_serverMatch2000sp2
Node
rsasecuridMatch5.0

7.1 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.043 Low

EPSS

Percentile

92.3%

Related for CVE-2002-0507