Lucene search

[email protected]CVE-2005-0248

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0248

2005-05-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

solaris

management console

smc

gui

cve-2005-0248

nvd

password aging

security

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

68.3%

JSON

The Solaris Management Console (SMC) GUI for Solaris 8 and 9, when creating user accounts that are configured for password aging, creates the accounts with a blank password, which allows remote or local attackers to break into those accounts.

CPENameOperatorVersion
sun:sunossun sunoseq5.8
sun:solarissun solariseq9.0
sun:solarissun solariseq8.0

CPE	Name	Operator	Version
sun:sunos	sun sunos	eq	5.8
sun:solaris	sun solaris	eq	9.0
sun:solaris	sun solaris	eq	8.0

References

secunia.com/advisories/13803/

securitytracker.com/id?1012860

sunsolve.sun.com/search/document.do?assetkey=1-26-57717-1

www.ciac.org/ciac/bulletins/p-096.shtml

www.securityfocus.com/bid/12260

exchange.xforce.ibmcloud.com/vulnerabilities/18868

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

68.3%

JSON