Lucene search

MitreCVE-2003-1553

HistoryMar 26, 2008 - 5:00 p.m.

CVE-2003-1553

2008-03-2617:00:00

CWE-200

mitre

web.nvd.nist.gov

cve-2003-1553

haakon nilsen

simple internet publishing system

sensitive information

access control

remote attackers

user information

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.01

Percentile

83.6%

JSON

Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password and other user information via a direct request to a user-specific configuration directory.

Affected configurations

Nvd

Node

sipssipsMatch0.2.2

VendorProductVersionCPE
sipssips0.2.2cpe:2.3:a:sips:sips:0.2.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sips	sips	0.2.2	cpe:2.3:a:sips:sips:0.2.2:::::::*

References

securityreason.com/securityalert/3780

www.securityfocus.com/archive/1/315504/30/25460/threaded

www.securityfocus.com/bid/7134

exchange.xforce.ibmcloud.com/vulnerabilities/11572

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.01

Percentile

83.6%

JSON

Related for CVE-2003-1553