CVE-2002-2145

2022-10-0316:23:49

mitre

www.cve.org

savant web server

authentication bypass

remote attackers

7.1 High

AI Score

Confidence

Low

0.052 Low

EPSS

Percentile

93.1%

JSON

Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a ‘.’ (%2e) at the end of the filename.

References

online.securityfocus.com/archive/1/291791

www.iss.net/security_center/static/10104.php

www.securityfocus.com/bid/5709