Lucene search

K
cve[email protected]CVE-2006-0230
HistoryApr 25, 2006 - 1:02 a.m.

CVE-2006-0230

2006-04-2501:02:00
NVD-CWE-Other
web.nvd.nist.gov
23
symantec
scan engine
cve-2006-0230
remote attackers
admin privileges

7.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.125 Low

EPSS

Percentile

95.3%

Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.

7.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.125 Low

EPSS

Percentile

95.3%

Related for CVE-2006-0230