Lucene search

[email protected]NVD:CVE-2004-2079

HistoryFeb 09, 2004 - 5:00 a.m.

CVE-2004-2079

2004-02-0905:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.5%

JSON

Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user.

Affected configurations

NVD

Node

red-mred-alertMatch2.7.5_v3.1_build_24

References

genhex.org/releases/031003.txt

marc.info/?l=full-disclosure&m=107635119005407&w=2

securitytracker.com/id?1009001

www.osvdb.org/3952

www.securiteam.com/securitynews/5SP0C0KC0A.html

www.securityfocus.com/archive/1/353211

www.securityfocus.com/bid/9618

exchange.xforce.ibmcloud.com/vulnerabilities/15088

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.5%

JSON

Related for NVD:CVE-2004-2079

cvelist1 cve1