Lucene search
HistoryAug 07, 2003 - 4:00 a.m.
CVE-2003-0493
snitz forums
3.4.03
privilege escalation
stolen password
session id
nvd
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.9 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.0%
Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID.
Affected configurations
Node
snitz_communicationssnitz_forums_2000Match3.4.03
| CPE | Name | Operator | Version |
|---|---|---|---|
| snitz_communications:snitz_forums_2000 | snitz communications snitz forums 2000 | eq | 3.4.03 |
Related
nvd
nvd
CVE-2003-0493
2003-08-07 04:00:00
cvelist
cvelist
CVE-2003-0493
2003-06-28 04:00:00
exploitpack
exploitpack
Snitz Forums 2000 3.4.0.3 - Multiple Vulnerabilities
2003-06-16 00:00:00
exploitdb
exploitdb
Snitz Forums 2000 < 3.4.0.3 - Multiple Vulnerabilities
2003-06-16 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.9 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
73.0%
Related for CVE-2003-0493