exploitDog

CVE-2001-1254

Опубликовано: 27 сент. 2001

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server, which could allow remote attackers to steal the passwords via sniffing.

Ссылки

http://online.securityfocus.com/archive/1/217200
Patch
Vendor Advisory
http://www.securityfocus.com/bid/3373
http://online.securityfocus.com/archive/1/217200
Patch
Vendor Advisory
http://www.securityfocus.com/bid/3373

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:com2001:alexis_server:2.0:*:*:*:*:*:*:*

cpe:2.3:a:com2001:alexis_server:2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00555

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-5578-59v6-6mxc

github

больше 3 лет назад

Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server, which could allow remote attackers to steal the passwords via sniffing.

EPSS

Процентиль: 67%

0.00555

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other