Lucene search

[email protected]NVD:CVE-2003-1553

HistoryDec 31, 2003 - 5:00 a.m.

CVE-2003-1553

2003-12-3105:00:00

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.01

Percentile

83.6%

JSON

Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password and other user information via a direct request to a user-specific configuration directory.

Affected configurations

Nvd

Node

sipssipsMatch0.2.2

VendorProductVersionCPE
sipssips0.2.2cpe:2.3:a:sips:sips:0.2.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sips	sips	0.2.2	cpe:2.3:a:sips:sips:0.2.2:::::::*

References

securityreason.com/securityalert/3780

www.securityfocus.com/archive/1/315504/30/25460/threaded

www.securityfocus.com/bid/7134

exchange.xforce.ibmcloud.com/vulnerabilities/11572

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.01

Percentile

83.6%

JSON

Related for NVD:CVE-2003-1553

exploitdb1 cvelist1 cve1