exploitDog

CVE-2002-0396

Опубликовано: 26 июл. 2002

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The web management server for Red-M 1050 (Bluetooth Access Point) does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session.

Ссылки

http://www.atstake.com/research/advisories/2002/a060502-1.txt
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/4940
https://exchange.xforce.ibmcloud.com/vulnerabilities/9265
http://www.atstake.com/research/advisories/2002/a060502-1.txt
Exploit
Patch
Vendor Advisory
http://www.securityfocus.com/bid/4940
https://exchange.xforce.ibmcloud.com/vulnerabilities/9265

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:red-m:1050ap_lan_acess_point:*:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00527

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-47f6-f753-phf9

github

почти 4 года назад

The web management server for Red-M 1050 (Bluetooth Access Point) does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session.

EPSS

Процентиль: 67%

0.00527

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other