Lucene search

[email protected]CVE-2002-0769

HistoryAug 12, 2002 - 4:00 a.m.

CVE-2002-0769

2002-08-1204:00:00

[email protected]

web.nvd.nist.gov

cisco

ata 186

remote attackers

authentication bypass

http post

security vulnerability

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

7.1 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.4%

JSON

The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.

Affected configurations

NVD

Node

ciscoata-186

CPENameOperatorVersion
cisco:ata-186cisco ata-186eq*

CPE	Name	Operator	Version
cisco:ata-186	cisco ata-186	eq	*

References

archives.neohapsis.com/archives/bugtraq/2002-05/0083.html

www.cisco.com/warp/public/707/ata186-password-disclosure.shtml

www.iss.net/security_center/static/9056.php

www.iss.net/security_center/static/9057.php

www.securityfocus.com/bid/4711

www.securityfocus.com/bid/4712

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

7.1 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.4%

JSON

Related for CVE-2002-0769

nvd1 nessus1 cvelist1