Lucene search

[email protected]NVD:CVE-2004-1769

HistoryMar 11, 2004 - 5:00 a.m.

CVE-2004-1769

2004-03-1105:00:00

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.119 Low

EPSS

Percentile

95.4%

JSON

The “Allow cPanel users to reset their password via email” feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass.

Affected configurations

NVD

Node

cpanelcpanelMatch5.0

cpanelcpanelMatch5.3

cpanelcpanelMatch6.0

cpanelcpanelMatch6.2

cpanelcpanelMatch6.4

cpanelcpanelMatch6.4.1

cpanelcpanelMatch6.4.2

cpanelcpanelMatch6.4.2_stable_48

cpanelcpanelMatch7.0

cpanelcpanelMatch8.0

cpanelcpanelMatch9.0

cpanelcpanelMatch9.1

References

marc.info/?l=bugtraq&m=107904890724201&w=2

secunia.com/advisories/11111

www.kb.cert.org/vuls/id/831534

www.securityfocus.com/archive/1/357064/2004-03-08/2004-03-14/0

www.securityfocus.com/bid/9848

exchange.xforce.ibmcloud.com/vulnerabilities/15443

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

High

0.119 Low

EPSS

Percentile

95.4%

JSON

Related for NVD:CVE-2004-1769

cvelist1 cve1 nessus1