Lucene search

[email protected]NVD:CVE-2005-2762

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-2762

2005-12-3105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

Percentile

12.6%

JSON

Avaya VPNRemote before 4.2.33 stores credentials in cleartext in process memory, which allows attackers to obtain the VPN user’s credentials.

Affected configurations

Nvd

Node

avayavpnremoteMatch4.2.23

avayavpnremoteMatch4.2.24

avayavpnremoteMatch4.2.26

avayavpnremoteMatch4.2.29

avayavpnremoteMatch4.2.30

avayavpnremoteMatch4.2.32

VendorProductVersionCPE
avayavpnremote4.2.23cpe:2.3:a:avaya:vpnremote:4.2.23:*:*:*:*:*:*:*
avayavpnremote4.2.24cpe:2.3:a:avaya:vpnremote:4.2.24:*:*:*:*:*:*:*
avayavpnremote4.2.26cpe:2.3:a:avaya:vpnremote:4.2.26:*:*:*:*:*:*:*
avayavpnremote4.2.29cpe:2.3:a:avaya:vpnremote:4.2.29:*:*:*:*:*:*:*
avayavpnremote4.2.30cpe:2.3:a:avaya:vpnremote:4.2.30:*:*:*:*:*:*:*
avayavpnremote4.2.32cpe:2.3:a:avaya:vpnremote:4.2.32:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
avaya	vpnremote	4.2.23	cpe:2.3:a:avaya:vpnremote:4.2.23:::::::*
avaya	vpnremote	4.2.24	cpe:2.3:a:avaya:vpnremote:4.2.24:::::::*
avaya	vpnremote	4.2.26	cpe:2.3:a:avaya:vpnremote:4.2.26:::::::*
avaya	vpnremote	4.2.29	cpe:2.3:a:avaya:vpnremote:4.2.29:::::::*
avaya	vpnremote	4.2.30	cpe:2.3:a:avaya:vpnremote:4.2.30:::::::*
avaya	vpnremote	4.2.32	cpe:2.3:a:avaya:vpnremote:4.2.32:::::::*

References

support.avaya.com/elmodocs2/security/ASA-2005-230.pdf

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

Percentile

12.6%

JSON

Related for NVD:CVE-2005-2762

cvelist1 cve1