CVE-2004-1766
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
79.8%
The default installation of NetScreen-Security Manager before Feature Pack 1 does not enable encryption for communication with devices running ScreenOS 5.0, which allows remote attackers to obtain sensitive information via sniffing.
Affected configurations
References
secunia.com/advisories/10675
www.juniper.net/support/security/alerts/58290.txt
www.kb.cert.org/vuls/id/927630
www.kb.cert.org/vuls/id/CRDY-5VEU8N
www.netscreen.com/services/security/alerts/1_19_04_58290.jsp
www.osvdb.org/3613
www.securityfocus.com/bid/9455
exchange.xforce.ibmcloud.com/vulnerabilities/14886
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.007 Low
EPSS
Percentile
79.8%