CVE-2004-1611

2004-10-18T04:00:00
ID CVE-2004-1611
Type cve
Reporter cve@mitre.org
Modified 2017-07-11T01:31:00

Description

SalesLogix 6.1 does not verify if a user is authenticated before performing sensitive operations, which could allow remote attackers to (1) execute arbitrary SLX commands on the server or spoof the server via a man-in-the-middle (MITM) attack, or (2) obtain the database password via a GetConnection request to TCP port 1707.