Lucene search
MitreCVE-2003-1383HistoryOct 19, 2007 - 10:00 a.m.
CVE-2003-1383
2007-10-1910:00:00
CWE-264
mitre
web.nvd.nist.gov
18
cve-2003-1383
web security
information disclosure
mysql
database security
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.008
Percentile
81.5%
WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.
Affected configurations
Node
logicworksweb_erpRange≤0.1.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| logicworks | web_erp | * | cpe:2.3:a:logicworks:web_erp:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2003-1383
2003-12-31 05:00:00
nessus
nessus
webERP Configuration File Remote Access
2003-05-20 00:00:00
cvelist
cvelist
CVE-2003-1383
2007-10-19 10:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.008
Percentile
81.5%
Related for CVE-2003-1383