Lucene search

[email protected]CVE-2003-0340

HistoryMay 21, 2003 - 4:00 a.m.

CVE-2003-0340

2003-05-2104:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0340

demarc puresecure 1.6

plaintext

authentication

security vulnerability

nvd

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.8%

JSON

Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login names and passwords to gain privileges.

CPENameOperatorVersion
demarc_security:puresecuredemarc security puresecureeq1.6

CPE	Name	Operator	Version
demarc_security:puresecure	demarc security puresecure	eq	1.6

References

archives.neohapsis.com/archives/bugtraq/2003-05/0230.html

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.8%

JSON