Lucene search

MitreCVE-2002-1520

HistorySep 01, 2004 - 4:00 a.m.

CVE-2002-1520

2004-09-0104:00:00

mitre

web.nvd.nist.gov

watchguard

firebox

vclass

ssh

cli

security vulnerability

remote access

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.011

Percentile

84.8%

JSON

The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not properly close the SSH connection when a -N option is provided during authentication, which allows remote attackers to access CLI with administrator privileges.

Affected configurations

Nvd

Node

rapidstreamrapidstreamMatch500

rapidstreamrapidstreamMatch2000

rapidstreamrapidstreamMatch4000

rapidstreamrapidstreamMatch6000

rapidstreamrapidstreamMatch8000

watchguardfireboxMatchv10

watchguardfireboxMatchv60

watchguardfireboxMatchv80

watchguardfireboxMatchv100

VendorProductVersionCPE
rapidstreamrapidstream500cpe:2.3:h:rapidstream:rapidstream:500:*:*:*:*:*:*:*
rapidstreamrapidstream2000cpe:2.3:h:rapidstream:rapidstream:2000:*:*:*:*:*:*:*
rapidstreamrapidstream4000cpe:2.3:h:rapidstream:rapidstream:4000:*:*:*:*:*:*:*
rapidstreamrapidstream6000cpe:2.3:h:rapidstream:rapidstream:6000:*:*:*:*:*:*:*
rapidstreamrapidstream8000cpe:2.3:h:rapidstream:rapidstream:8000:*:*:*:*:*:*:*
watchguardfireboxv10cpe:2.3:h:watchguard:firebox:v10:*:*:*:*:*:*:*
watchguardfireboxv60cpe:2.3:h:watchguard:firebox:v60:*:*:*:*:*:*:*
watchguardfireboxv80cpe:2.3:h:watchguard:firebox:v80:*:*:*:*:*:*:*
watchguardfireboxv100cpe:2.3:h:watchguard:firebox:v100:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
rapidstream	rapidstream	500	cpe:2.3:h:rapidstream:rapidstream:500:::::::*
rapidstream	rapidstream	2000	cpe:2.3:h:rapidstream:rapidstream:2000:::::::*
rapidstream	rapidstream	4000	cpe:2.3:h:rapidstream:rapidstream:4000:::::::*
rapidstream	rapidstream	6000	cpe:2.3:h:rapidstream:rapidstream:6000:::::::*
rapidstream	rapidstream	8000	cpe:2.3:h:rapidstream:rapidstream:8000:::::::*
watchguard	firebox	v10	cpe:2.3:h:watchguard:firebox:v10:::::::*
watchguard	firebox	v60	cpe:2.3:h:watchguard:firebox:v60:::::::*
watchguard	firebox	v80	cpe:2.3:h:watchguard:firebox:v80:::::::*
watchguard	firebox	v100	cpe:2.3:h:watchguard:firebox:v100:::::::*

References

archives.neohapsis.com/archives/bugtraq/2002-09/0325.html

archives.neohapsis.com/archives/bugtraq/2002-09/0335.html

www.iss.net/security_center/static/10218.php

www.osvdb.org/4831

www.securityfocus.com/bid/5815

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.1

Confidence

Low

EPSS

0.011

Percentile

84.8%

JSON

Related for CVE-2002-1520