5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.008 Low
EPSS
Percentile
80.8%
Mozilla Firefox 1.0.4 and 1.0.5 does not choose the challenge with the
strongest authentication scheme available as required by RFC2617, which
might cause credentials to be sent in plaintext even if an encrypted
channel is available.