Описание
Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:internet_information_server:4.0:sp4:*:*:*:*:*:*
cpe:2.3:a:microsoft:visual_interdev:6.0:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.15941
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0.
EPSS
Процентиль: 94%
0.15941
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other