Описание
Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the "Log on locally" privilege.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Patch
- Vendor Advisory
- Vendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:site_server:3.0:*:i386:*:*:*:*:*
cpe:2.3:a:microsoft:site_server:3.0:apha:*:*:*:*:*:*
cpe:2.3:a:microsoft:site_server:3.0:sp1:i386:*:*:*:*:*
cpe:2.3:a:microsoft:site_server:3.0:sp1_alpha:*:*:*:*:*:*
cpe:2.3:a:microsoft:site_server:3.0:sp2:i386:*:*:*:*:*
cpe:2.3:a:microsoft:site_server:3.0:sp2_alpha:*:*:*:*:*:*
cpe:2.3:a:microsoft:site_server:3.0:sp3:i386:*:*:*:*:*
cpe:2.3:a:microsoft:site_server:3.0:sp3_alpha:*:*:*:*:*:*
cpe:2.3:a:microsoft:site_server_commerce:3.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:site_server_commerce:3.0:alpha:*:*:*:*:*:*
cpe:2.3:a:microsoft:site_server_commerce:3.0:sp1_alpha:*:*:*:*:*:*
cpe:2.3:a:microsoft:site_server_commerce:3.0:sp2_alpha:*:*:*:*:*:*
cpe:2.3:a:microsoft:site_server_commerce:3.0:sp3_alpha:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.18966
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the "Log on locally" privilege.
EPSS
Процентиль: 95%
0.18966
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other