Lucene search

K
cve[email protected]CVE-2004-2079
HistoryMay 19, 2005 - 4:00 a.m.

CVE-2004-2079

2005-05-1904:00:00
web.nvd.nist.gov
19
red-m red-alert
authentication bypass
cve-2004-2079
nvd

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.5%

Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user.

Affected configurations

NVD
Node
red-mred-alertMatch2.7.5_v3.1_build_24

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.5%

Related for CVE-2004-2079