Lucene search

[email protected]CVE-2004-2326

HistoryAug 16, 2005 - 4:00 a.m.

CVE-2004-2326

2005-08-1604:00:00

[email protected]

web.nvd.nist.gov

cve-2004-2326

sql injection

ip3 networks

netaccess appliance

bypass authentication

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.5%

JSON

SQL injection vulnerability in IP3 Networks NetAccess Appliance before firmware 3.1.18b13 allows remote attackers to bypass authentication via the (1) login or (2) password. NOTE: this issue was later reported to also affect firmware 4.0.34.

Affected configurations

NVD

Node

ip3_networksip3_netaccess

ip3_networksip3_netaccess_-_hospitality

ip3_networksip3_netaccess_-_wireless_hotspots

CPENameOperatorVersion
ip3_networks:ip3_netaccessip3 networks ip3 netaccesseq*
ip3_networks:ip3_netaccess_-_hospitalityip3 networks ip3 netaccess - hospitalityeq*
ip3_networks:ip3_netaccess_-_wireless_hotspotsip3 networks ip3 netaccess - wireless hotspotseq*

CPE	Name	Operator	Version
ip3_networks:ip3_netaccess	ip3 networks ip3 netaccess	eq	*
ip3_networks:ip3_netaccess_-_hospitality	ip3 networks ip3 netaccess - hospitality	eq	*
ip3_networks:ip3_netaccess_-_wireless_hotspots	ip3 networks ip3 netaccess - wireless hotspots	eq	*

References

www.securityfocus.com/archive/1/432007/100/0/threaded

www.securityfocus.com/bid/9858

exchange.xforce.ibmcloud.com/vulnerabilities/26106

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.5 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.5%

JSON

Related for CVE-2004-2326

cvelist1 nvd1