Lucene search

[email protected]NVD:CVE-2009-2357

HistoryJul 07, 2009 - 11:30 p.m.

CVE-2009-2357

2009-07-0723:30:00

CWE-16

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.008

Percentile

81.2%

JSON

The default configuration of TekRADIUS 3.0 uses the sa account to communicate with Microsoft SQL Server, which makes it easier for remote attackers to obtain privileged access to the database and the underlying Windows operating system.

Affected configurations

Nvd

Node

yasinkaplantekradiusMatch3.0

VendorProductVersionCPE
yasinkaplantekradius3.0cpe:2.3:a:yasinkaplan:tekradius:3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
yasinkaplan	tekradius	3.0	cpe:2.3:a:yasinkaplan:tekradius:3.0:::::::*

References

www.nth-dimension.org.uk/utils/get.php?downloadsid=56

www.securityfocus.com/archive/1/504740/100/0/threaded

www.vupen.com/english/advisories/2009/1816

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.008

Percentile

81.2%

JSON

Related for NVD:CVE-2009-2357

cve1 prion1 cvelist1 seebug1