CVE-2004-1611

2004-10-18T00:00:00
ID CVE-2004-1611
Type cve
Reporter NVD
Modified 2017-07-10T21:31:11

Description

SalesLogix 6.1 does not verify if a user is authenticated before performing sensitive operations, which could allow remote attackers to (1) execute arbitrary SLX commands on the server or spoof the server via a man-in-the-middle (MITM) attack, or (2) obtain the database password via a GetConnection request to TCP port 1707.