CVE-2001-1425

Опубликовано: 10 апр. 2001

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during login.

Ссылки

http://security.sdsc.edu/self-help/alcatel/alcatel-bugs.html
http://www.cert.org/advisories/CA-2001-08.html
US Government Resource
http://www.kb.cert.org/vuls/id/243592
US Government Resource
http://www.securityfocus.com/archive/1/175229
http://www.securityfocus.com/bid/2568
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6354
http://security.sdsc.edu/self-help/alcatel/alcatel-bugs.html
http://www.cert.org/advisories/CA-2001-08.html
US Government Resource
http://www.kb.cert.org/vuls/id/243592
US Government Resource
http://www.securityfocus.com/archive/1/175229
http://www.securityfocus.com/bid/2568
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6354

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:alcatel:speed_touch_home:khdsaa.108:*:*:*:*:*:*:*

cpe:2.3:h:alcatel:speed_touch_home:khdsaa.132:*:*:*:*:*:*:*

cpe:2.3:h:alcatel:speed_touch_home:khdsaa.133:*:*:*:*:*:*:*

cpe:2.3:h:alcatel:speed_touch_home:khdsaa.134:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.04163

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jrx8-7v63-j3rx

github

почти 4 года назад