Lucene search
HistoryJun 09, 2003 - 4:00 a.m.
CVE-2003-0240
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.7 Medium
AI Score
Confidence
Low
0.024 Low
EPSS
Percentile
89.9%
The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).
Affected configurations
Node
axis2100_network_cameraRange≤2.32
ORaxis2110_network_cameraRange≤2.32
ORaxis2120_network_cameraRange≤2.32
ORaxis2130_ptz_network_cameraRange≤2.32
ORaxis2400_video_serverRange≤2.32
ORaxis2401_video_serverRange≤2.32
ORaxis2420_network_cameraRange≤2.32
ORaxis2460_network_dvrRange≤3.00
ORaxis250s_video_serverRange≤3.02
Related
cve
cve
CVE-2003-0240
2003-06-09 04:00:00
packetstorm
packetstorm
core.axis.txt
2003-05-28 00:00:00
cert
cert
Various Axis products allow unauthorized remote privileged access
2003-06-05 00:00:00
cvelist
cvelist
CVE-2003-0240
2003-05-30 04:00:00
coresecurity
coresecurity
Axis Network Camera HTTP Authentication Bypass
2003-05-27 00:00:00
securityvulns
securityvulns
CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass
2003-05-28 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.7 Medium
AI Score
Confidence
Low
0.024 Low
EPSS
Percentile
89.9%
Related for NVD:CVE-2003-0240