Lucene search

[email protected]CVE-2005-2285

HistoryJul 18, 2005 - 4:00 a.m.

CVE-2005-2285

2005-07-1804:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

webeoc

sensitive information

remote attacks

security vulnerability

cve-2005-2285

nvd

6.6 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

72.6%

JSON

WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration.

CPENameOperatorVersion
esi_products:webeocesi products webeocle6.0.1

CPE	Name	Operator	Version
esi_products:webeoc	esi products webeoc	le	6.0.1

References

www.kb.cert.org/vuls/id/165290

www.kb.cert.org/vuls/id/JGEI-6BWPXL

6.6 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

72.6%

JSON

Related for CVE-2005-2285

cert1