Lucene search

[email protected]CVE-2005-4029

HistoryDec 05, 2005 - 11:03 a.m.

CVE-2005-4029

2005-12-0511:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

webeoc

security vulnerability

username disclosure

html source

nvd

cve-2005-4029

7.3 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

67.7%

JSON

WebEOC before 6.0.2 allows remote attackers to obtain valid usernames via the HTML source of the WebEOC login webpage, which could be useful in other attacks such as locking out valid users via brute force methods.

CPENameOperatorVersion
esi_products:webeocesi products webeocle6.0.1

CPE	Name	Operator	Version
esi_products:webeoc	esi products webeoc	le	6.0.1

References

www.kb.cert.org/vuls/id/170394

7.3 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

67.7%

JSON