Lucene search

[email protected]CVE-2003-1442

HistoryOct 23, 2007 - 1:00 a.m.

CVE-2003-1442

2007-10-2301:00:00

CWE-287

[email protected]

web.nvd.nist.gov

ericsson

hm220dp

adsl modem

unauthenticated access

web administration

lan

remote attacks

vulnerability

cve-2003-1442

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.2%

JSON

The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote attackers to gain access from the LAN side.

Affected configurations

NVD

Node

ericssonhm220dp_adsl_modem

CPENameOperatorVersion
ericsson:hm220dp_adsl_modemericsson hm220dp adsl modemeq*

CPE	Name	Operator	Version
ericsson:hm220dp_adsl_modem	ericsson hm220dp adsl modem	eq	*

References

archives.neohapsis.com/archives/bugtraq/2003-02/0127.html

marc.info/?l=bugtraq&m=104619331706574&w=2

www.securityfocus.com/bid/6824

exchange.xforce.ibmcloud.com/vulnerabilities/11290

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.2%

JSON

Related for CVE-2003-1442

nvd1 cvelist1