Lucene search

[email protected]CVE-2005-1411

HistoryMay 03, 2005 - 4:00 a.m.

CVE-2005-1411

2005-05-0304:00:00

[email protected]

web.nvd.nist.gov

cve-2005-1411

cybration icuii

plaintext password

local privilege escalation

icuii.ini

security vulnerability

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

Cybration ICUII 7.0 stores passwords in plaintext in the world-readable icuii.ini file, which allows local users to gain privileges.

Affected configurations

NVD

Node

cybrationicuiiMatch7.0

CPENameOperatorVersion
cybration:icuiicybration icuiieq7.0

CPE	Name	Operator	Version
cybration:icuii	cybration icuii	eq	7.0

References

osvdb.org/ref/14/14688-icuii.txt

secunia.com/advisories/15171

securitytracker.com/id?1013828

www.osvdb.org/14688

www.securityfocus.com/bid/13441

exchange.xforce.ibmcloud.com/vulnerabilities/20321

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2005-1411

cvelist1 nvd1